Amazon Exam SCS-C02 Topic 5 Question 44 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 44
Topic #: 5

A security engineer needs to implement a write-once-read-many (WORM) model for data that a company will store in Amazon S3 buckets. The company uses the S3 Standard storage class for all of its S3 buckets. The security engineer must en-sure that objects cannot be overwritten or deleted by any user, including the AWS account root user.

Which solution will meet these requirements?

ACreate new S3 buckets with S3 Object Lock enabled in compliance mode. Place objects in the S3 buckets.

BUse S3 Glacier Vault Lock to attach a Vault Lock policy to new S3 buckets. Wait 24 hours to complete the Vault Lock process. Place objects in the S3 buckets.

CCreate new S3 buckets with S3 Object Lock enabled in governance mode. Place objects in the S3 buckets.

DCreate new S3 buckets with S3 Object Lock enabled in governance mode. Add a legal hold to the S3 buckets. Place objects in the S3 buckets.

Show Suggested Answer

Suggested Answer: A

by Margurite at Apr 05, 2025, 08:19 AM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Stefania

2 days ago

I think the answer is A) Create new S3 buckets with S3 Object Lock enabled in compliance mode.

upvoted 0 times

...

Ira

12 days ago

Option A seems like the way to go. Can't go wrong with good old S3 Object Lock in compliance mode.

upvoted 0 times

...