Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Amazon Exam SOA-C02 Topic 4 Question 82 Discussion

Actual exam question for Amazon's SOA-C02 exam
Question #: 82
Topic #: 4
[All SOA-C02 Questions]

A company needs to archive all audit logs for 10 years. The company must protect the logs from any future edits.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: B

To meet the requirements of the workload, a company should store the data in an Amazon S3 Glacier vault and configure a vault lock policy for write-once, read-many (WORM) access. This will ensure that the data is stored securely and cannot be edited in the future. The other solutions (storing the data in an Amazon Elastic Block Store (Amazon EBS) volume and configuring AWS Key Management Service (AWS KMS) encryption, storing the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) and configuring server-side encryption, or storing the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) and configuring multi-factor authentication (MFA)) will not meet the requirements, as they do not provide a way to protect the audit logs from future edits.

https://docs.aws.amazon.com/zh_tw/AmazonS3/latest/userguide/object-lock.html


by Aliza at Dec 10, 2023, 02:19 PM

Limited Time Offer

25%

Off

Get Premium SOA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Johna
24 days ago
Hold on, guys. What about option C? It's also storing the data in S3, but with server-side encryption. That seems like a simpler and more cost-effective solution.
upvoted 0 times
Lura
6 days ago
Let's go with option B then for storing and protecting the audit logs.
upvoted 0 times
...
Freeman
7 days ago
Agreed, option B with the vault lock policy seems to be the best fit for the requirements.
upvoted 0 times
...
Rosalyn
8 days ago
I think option B would be the most secure and compliant solution for archiving audit logs.
upvoted 0 times
...
Reuben
9 days ago
Option A also provides encryption with AWS KMS for added security.
upvoted 0 times
...
Val
10 days ago
True, the WORM access in option B protects the data from any future edits.
upvoted 0 times
...
Harley
11 days ago
But option B offers the write-once, read-many access which is important for audit logs.
upvoted 0 times
...
Mila
12 days ago
Option C seems like a good choice for this scenario.
upvoted 0 times
...
...
Whitley
25 days ago
I'm with you, Goldie. And let's be honest, this is an exam question, so they're probably looking for the most robust and secure solution. WORM is the way to go.
upvoted 0 times
...
Lettie
26 days ago
True, but the WORM policy is a critical requirement. Without it, the logs could still be edited, and that's not an option.
upvoted 0 times
...
Goldie
27 days ago
Hmm, good point. Plus, with Glacier, we can be sure the data will be preserved for the full 10 years. I'm leaning more towards option B as well.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77