You use S3 to store critical data for your company Several users within your group currently have lull
permissions to your S3 buckets You need to come up with a solution mat does not impact your users and also
protect against the accidental deletion of objects.
Which two options will address this issue?
Choose 2 answers
A.
Enable versioning on your S3 Buckets
B.
Configure your S3 Buckets with MFA delete
C.
Create a Bucket policy and only allow read only permissions to all users at the bucket level
D.
Enable object life cycle policies and configure the data older than 3 months to be archived in Glacier
Not C – impacting current credentials.
I say A & D. See https://aws.amazon.com/s3/faqs/
I think the answer is A, B. Versioning allows easy recovery of previous file version. MFA delete requires additional MFA authentication to delete files. Won’t impact the users current access.
http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html
http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html
http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete
A & B is the correct Answer
Question says “a solution mat does not impact your users and also
protect against the accidental deletion of objects.”
A- Versioning is for audit that who accessed bucket/object.
B- MFA is an extra layer of security on top of versioning.
C- Users cann’t update the file if they want. Our goal is to protect object/data.
D- As question says about deletion/security for object and not for log roation behind S3.
I’m agree with Vamsi A and B
A, B
ab
A and B. http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html
AB
AB
A B
AB
AB