What are some measures that you can implement to mitiga…

You have a code repository that uses Amazon S3 as a data store. During a recent audit of your security controls, some
concerns were raised about maintaining the integrity of the data in the Amazon S3 bucket. Another concern was raised
around securely deploying code from Amazon S3 to applications running on Amazon EC2 in a virtual private cloud. What
are some measures that you can implement to mitigate these concerns? (Choose two.)

You have a code repository that uses Amazon S3 as a data store. During a recent audit of your security controls, some
concerns were raised about maintaining the integrity of the data in the Amazon S3 bucket. Another concern was raised
around securely deploying code from Amazon S3 to applications running on Amazon EC2 in a virtual private cloud. What
are some measures that you can implement to mitigate these concerns? (Choose two.)

A.
Add an Amazon S3 bucket policy with a condition statement to allow access only from Amazon EC2 instances with RFC 1918 IP
addresses and enable bucket versioning.

B.
Add an Amazon S3 bucket policy with a condition statement that requires multi-factor authentication in order to delete objects and
enable bucket versioning.

C.
Use a configuration management service to deploy AWS Identity and Access Management user credentials to the Amazon EC2
instances.
Use these credentials to securely access the Amazon S3 bucket when deploying code.

D.
Create an Amazon Identity and Access Management role with authorization to access the Amazon S3 bucket, and launch all of your
application’s Amazon EC2 instances with this role.

E.
Use AWS Data Pipeline to lifecycle the data in your Amazon S3 bucket to Amazon Glacier on a weekly basis.

F.
Use AWS Data Pipeline with multi-factor authentication to securely deploy code from the Amazon S3 bucket to your Amazon EC2
instances.



Leave a Reply 11

Your email address will not be published. Required fields are marked *


fifi

fifi

B & D is right answers.

raysmithvic1978

raysmithvic1978

B,D

Asim

Asim

B & D are correct answers

O'dili IKe

O'dili IKe

B & D should be the correct answer

Sadeel Anjum

Sadeel Anjum

B & D

Danish Hashmi

Danish Hashmi

B & D

Alan Cheung

Alan Cheung

B & F

Only F address the “deploying code” issue.

Option D does not address either:
1 . maintaining the integrity of the data in the Amazon S3 bucket
2. securely deploying code from Amazon S3

I have