Topic 1 Question 232

AWS Certified SysOps Administrator - Associate

Topic 1 Question 232
A SysOps administrator needs to configure a solution that will deliver digital content to a set of authorized users through Amazon CloudFront. Unauthorized users must be restricted from access.

Which solution will meet these requirements?
- Store the digital content in an Amazon S3 bucket that does not have public access blocked. Use signed URLs to access the S3 bucket through CloudFront.
- Store the digital content in an Amazon S3 bucket that has public access blocked. Use an origin access identity (OAI) to deliver the content through CloudFront. Restrict S3 bucket access with signed URLs in CloudFront.
- Store the digital content in an Amazon S3 bucket that has public access blocked. Use an origin access identity (OAI) to deliver the content through CloudFront. Enable field-level encryption.
- Store the digital content in an Amazon S3 bucket that does not have public access blocked. Use signed cookies for restricted delivery of the content through CloudFront.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: B
  https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
  
  👍 3
  defmania002023/02/26
- Definitely B
  
  👍 2
  braveheart222023/03/04
- 正解だと思う選択肢: B
  Option B is the correct solution because it uses an origin access identity (OAI) to restrict access to the S3 bucket, ensuring that only CloudFront can access the content. Public access is blocked on the S3 bucket, preventing unauthorized users from accessing the content directly. Signed URLs can also be used to restrict access further within CloudFront.
  
  👍 2
  Vivec2023/03/10
シャッフルモード

ユーザの投票

コメント(4)