Amazon Exam SCS-C02 Topic 7 Question 19 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 19
Topic #: 7

A company's data scientists want to create AI/ML training models using Amazon SageMaker. The training models will use large datasets in an Amazon S3 bucket. The datasets contain sensitive information. On average, the data scientists need 30 days to train models. The S3 bucket has been secured appropriately. The company's data retention policy states that all data older than 45 days must be removed from the S3 bucket.

AConfigure an S3 Lifecycle rule on the S3 bucket to delete objects after 45 days.

BCreate an AWS Lambda function to check the last-modified date of the S3 objects and delete objects that are older than 45 days. Create an S3 event notification to invoke the Lambda function for each PutObject operation.

CCreate an AWS Lambda function to check the last-modified date of the S3 objects and delete objects that are older than 45 days. Create an Amazon EventBridge rule to invoke the Lambda function each month.

DConfigure S3 Intelligent-Tiering on the S3 bucket to automatically transition objects to another storage class.

Show Suggested Answer

Suggested Answer: C

To mitigate a credential stuffing attack against a web-based application behind an Application Load Balancer (ALB), creating an AWS WAF web ACL with a custom rule to block requests containing the known malicious user agent string is an effective solution. This approach allows for precise targeting of the attack vector (the user agent string of the device emulator) without impacting legitimate users. AWS WAF provides the capability to inspect HTTP(S) requests and block those that match defined criteria, such as specific strings in the user agent header, thereby preventing malicious requests from reaching the application.

by Jolene at May 19, 2024, 08:50 PM

Limited Time Offer

25%

25 days ago

I think option A is the best choice. It's simple and straightforward.

upvoted 0 times

...