Amazon SCS-C02 Exam - Topic 2 Question 56 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 56
Topic #: 2

[Data Protection]

A company stores sensitive data in an Amazon S3 bucket. The company encrypts the data at rest by using server-side encryption with Amazon S3 managed keys (SSE-S3). A security engineer must prevent any modifications to the data in the S3 bucket. Which solution will meet this requirement?

AConfigure S3 bucket policies to deny DELETE and PUT object permissions.

BConfigure S3 Object Lock in compliance mode with S3 bucket versioning enabled.

CChange the encryption on the S3 bucket to use AWS Key Management Service (AWS KMS) customer managed keys.

DConfigure the S3 bucket with multi-factor authentication (MFA) delete protection.

Show Suggested Answer

Suggested Answer: B

by Renato at Mar 07, 2026, 05:45 PM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!