How should this be accomplished?

BDS-C00 0 Comments

A systems engineer for a company proposes digitalization and backup of large archives for customers. The systems engineer needs to provide users with a secure storage that makes sure that data will never be tempered with once it has been uploaded.

How should this be accomplished?
A . Create an Amazon Glacier Vault. Specify a “Deny” Vault lock policy on this vault to block “glacier:DeleteArchive”.
B . Create an Amazon S3 bucker. Specify a “Deny” bucket policy on this bucket to block “s3:DeleteObject”.
C . Create an Amazon Glacier Vault. Specify a “Deny” vault access policy on this Vault to
block
“glacier:DeleteArchive”.
D . Create a secondary AWS containing an Amazon S3 bucket. Grant “s3:PutObject” to the primary account.

Answer: A

Explanation:

A Glacier "vault access policy" is a resource based policy that you can use to manage permissions to your vault. You can modify permissions in a Vault access policy at any time. A Glacier "vault lock policy" is vault access policy that can be locked. After you lock a vault lock policy, the policy cannot be changed. You can use a vault lock policy to enforce compliance controls. You can enforce the requirement by implementing the following vault lock policy: "glacier:DeleteArchieve" action on the vault.

Latest BDS-C00 Dumps Valid Version with 264 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download BDS-C00 PDF     BDS-C00 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments