Topic 1 Question 243
A company maintains a large set of sensitive data in an Amazon S3 bucket. The company's security team asks a SysOps administrator to help verify that all current objects in the S3 bucket are encrypted.
What is the MOST operationally efficient solution that meets these requirements?
Create a script that runs against the S3 bucket and outputs the status of each object.
Create an S3 Inventory configuration on the S3 bucket. Include the appropriate status fields.
Provide the security team with an IAM user that has read access to the S3 bucket.
Use the AWS CLI to output a list of all objects in the S3 bucket.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: B
Encryption status – Set to SSE-S3, SSE-C, SSE-KMS, or NOT-SSE. The server-side encryption status for SSE-S3, SSE-KMS, and SSE with customer-provided keys (SSE-C). A status of NOT-SSE means that the object is not encrypted with server-side encryption.
https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-inventory.html
👍 1anderri2023/02/15 anderri is correct. B is the right answer.
👍 1braveheart222023/03/04- 正解だと思う選択肢: B
The S3 Inventory feature provides a detailed report of objects and their metadata for an S3 bucket, which includes encryption status. By creating an S3 Inventory configuration on the S3 bucket and including the appropriate status fields, the security team can efficiently verify that all current objects in the S3 bucket are encrypted.
👍 1Vivec2023/03/11
シャッフルモード