Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon BDS-C00 Exam - Topic 2 Question 86 Discussion

A systems engineer for a company proposes digitalization and backup of large archives for customers. The systems engineer needs to provide users with a secure storage that makes sure that data will never be tempered with once it has been uploaded. How should this be accomplished?
A) Create an Amazon Glacier Vault. Specify a ''Deny'' Vault lock policy on this vault to block ''glacier:DeleteArchive''. and B) Create an Amazon S3 bucker. Specify a ''Deny'' bucket policy on this bucket to block ''s3:DeleteObject''. and D) Create a secondary AWS containing an Amazon S3 bucket. Grant ''s3:PutObject'' to the primary account.
C) Create an Amazon Glacier Vault. Specify a ''Deny'' vault access policy on this Vault to block ''glacier:DeleteArchive''.

Amazon BDS-C00 Exam - Topic 2 Question 86 Discussion

Actual exam question for Amazon's BDS-C00 exam
Question #: 86
Topic #: 2
[All BDS-C00 Questions]

A systems engineer for a company proposes digitalization and backup of large archives for customers. The systems engineer needs to provide users with a secure storage that makes sure that data will never be tempered with once it has been uploaded. How should this be accomplished?

Show Suggested Answer Hide Answer
Suggested Answer: A, B, D

by Kerry at Feb 11, 2024, 01:41 PM

Limited Time Offer

25%

Off

Get Premium BDS-C00 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Latricia
6 months ago
C seems redundant, isn't A enough?
upvoted 0 times
...
Susana
7 months ago
Totally agree with A, it's the safest choice!
upvoted 0 times
...
Lenita
7 months ago
Wait, can we really guarantee data won't be tampered with?
upvoted 0 times
...
Hana
7 months ago
I think B is better for flexibility.
upvoted 0 times
...
Detra
7 months ago
Option A sounds solid for long-term storage!
upvoted 0 times
...
Bobbie
7 months ago
I'm leaning towards option A, but I can't quite recall if a vault lock policy is the same as an access policy. It’s a bit confusing!
upvoted 0 times
...
Linette
8 months ago
I practiced a similar question where we had to ensure data integrity. I think option C sounds right since it mentions a vault access policy.
upvoted 0 times
...
Kaitlyn
8 months ago
I think option B with the S3 bucket policy could work too, but I feel like it might not be as secure as using Glacier for long-term storage.
upvoted 0 times
...
Goldie
8 months ago
I remember studying about Amazon Glacier and its vaults, but I'm not sure if the vault lock policy is the best way to ensure data can't be deleted.
upvoted 0 times
...
Rory
8 months ago
This is a tricky one. I'm not super familiar with the intricacies of Amazon Glacier and S3 policies. I'll need to take some time to really understand the differences between the two services and how to properly configure the access controls.
upvoted 0 times
...
Yun
8 months ago
Okay, I think I've got this. The key is to set up a deny policy to block the specific actions that could delete or modify the archived data. I'll carefully read through the answer choices to determine the best approach.
upvoted 0 times
...
Lorrine
8 months ago
Hmm, I'm a bit unsure about the specifics here. I know we need to prevent data from being tampered with, but I'm not sure if Amazon Glacier or S3 is the better option. I'll need to review the differences between the two services.
upvoted 0 times
...
Art
8 months ago
This seems like a straightforward question about securing data storage. I think I have a good handle on the AWS services and policies needed to accomplish this.
upvoted 0 times
...
Cecily
8 months ago
This is a lot of information to process, but I think I can tackle it. The key will be identifying the factor that would be the least attractive to Flavoring's management team. I'll need to consider their incentives, the potential benefits of the merger, and how the two companies' resources and capabilities might complement each other. With some careful analysis, I think I can figure out the least likely reason they would favor the acquisition.
upvoted 0 times
...
Colette
8 months ago
Hmm, I'm a little unsure about this one. I know missing values can cause issues, but I'm not totally sure what the specific problems are. I'll have to think this through carefully.
upvoted 0 times
...
Lovetta
8 months ago
I feel pretty confident about this question. The lack of an external market and the need to cover all costs are likely the top reasons companies use cost-based transfer pricing. I'll double-check my answer before submitting.
upvoted 0 times
...
Tamesha
1 year ago
The solution should be as secure as Fort Knox, but not as complicated as building Fort Knox. I think the Glacier Vault with the Deny Vault lock policy is the way to go.
upvoted 0 times
Joaquin
12 months ago
C) Definitely, we need a solution that is secure and reliable for our customers' data.
upvoted 0 times
...
Agustin
12 months ago
B) I agree, the Glacier Vault with the Deny Vault lock policy seems like the most secure option.
upvoted 0 times
...
Alysa
12 months ago
A) Create an Amazon Glacier Vault. Specify a ''Deny'' Vault lock policy on this vault to block ''glacier:DeleteArchive''.
upvoted 0 times
...
Charlesetta
12 months ago
C) Definitely, we need a solution that is secure and reliable for our customers' data.
upvoted 0 times
...
Fausto
1 year ago
B) I agree, the Glacier Vault with the Deny Vault lock policy seems like the most secure option.
upvoted 0 times
...
Tiera
1 year ago
A) Create an Amazon Glacier Vault. Specify a ''Deny'' Vault lock policy on this vault to block ''glacier:DeleteArchive''.
upvoted 0 times
...
...
Daren
1 year ago
I'm picturing the engineer frantically trying to remember which option blocks the 'glacier:DeleteArchive' action. 'Ugh, was it Deny Vault policy or Deny Vault access policy?'
upvoted 0 times
Selma
12 months ago
C) Create an Amazon Glacier Vault. Specify a ''Deny'' vault access policy on this Vault to block ''glacier:DeleteArchive''.
upvoted 0 times
...
Cornell
1 year ago
B) Create an Amazon S3 bucket. Specify a ''Deny'' bucket policy on this bucket to block ''s3:DeleteObject''.
upvoted 0 times
...
Zona
1 year ago
A) Create an Amazon Glacier Vault. Specify a ''Deny'' Vault lock policy on this vault to block ''glacier:DeleteArchive''.
upvoted 0 times
...
...
Vallie
1 year ago
Creating a secondary AWS account just to grant PutObject permissions? That's a bit overkill, don't you think?
upvoted 0 times
Clorinda
11 months ago
C) Create an Amazon Glacier Vault. Specify a ''Deny'' vault access policy on this Vault to block ''glacier:DeleteArchive''.
upvoted 0 times
...
Nu
12 months ago
Creating a secondary AWS account just to grant PutObject permissions? That's a bit overkill, don't you think?
upvoted 0 times
...
Lizette
12 months ago
B) Create an Amazon S3 bucker. Specify a ''Deny'' bucket policy on this bucket to block ''s3:DeleteObject''.
upvoted 0 times
...
Paola
1 year ago
A) Create an Amazon Glacier Vault. Specify a ''Deny'' Vault lock policy on this vault to block ''glacier:DeleteArchive''.
upvoted 0 times
...
...
Winfred
1 year ago
Hmm, the S3 bucket option sounds simpler, but a Deny bucket policy might not be as foolproof as the Glacier Vault.
upvoted 0 times
Elmer
1 year ago
User 2: Yeah, but the S3 bucket with a Deny bucket policy could also work if implemented correctly.
upvoted 0 times
...
Jackie
1 year ago
User 1: I think the Glacier Vault with a Deny vault access policy is the most secure option.
upvoted 0 times
...
Brice
1 year ago
User 2: Yeah, but the S3 bucket with a Deny bucket policy could also work if set up correctly.
upvoted 0 times
...
Lashandra
1 year ago
User 1: I think the Glacier Vault with a Deny vault access policy would be more secure.
upvoted 0 times
...
...
Tien
1 year ago
A Glacier Vault with a Deny Vault lock policy is the way to go. That'll make sure those archives are locked down tight!
upvoted 0 times
Sabra
1 year ago
A Glacier Vault with a Deny Vault lock policy is the way to go. That'll make sure those archives are locked down tight!
upvoted 0 times
...
Mary
1 year ago
B) Create an Amazon S3 bucker. Specify a ''Deny'' bucket policy on this bucket to block ''s3:DeleteObject''.
upvoted 0 times
...
Pearly
1 year ago
A) Create an Amazon Glacier Vault. Specify a ''Deny'' Vault lock policy on this vault to block ''glacier:DeleteArchive''.
upvoted 0 times
...
...
Lynda
1 year ago
I see your point, but I still think option A is better because Glacier Vaults are specifically designed for long-term archival storage.
upvoted 0 times
...
Laurene
1 year ago
I disagree, I believe option B is more secure. By using an S3 bucket with a 'Deny' bucket policy, we can block deletion of objects.
upvoted 0 times
...
Lynda
1 year ago
I think option A is the best choice because using a Glacier Vault with a 'Deny' Vault lock policy will prevent deletion of archives.
upvoted 0 times
...

Save Cancel