AWS Certified Security - Specialty (SCS-C01)

SCS-C01: AWS Certified Security – Specialty Practice Exams with complete explanations!
4.00 (1 reviews)
Udemy
platform
English
language
Network & Security
category
instructor
AWS Certified Security - Specialty (SCS-C01)
756
students
59 questions
content
Apr 2024
last update
$19.99
regular price

Why take this course?

based on the scenario provided, the most appropriate answer would be D) Enable Cross-Account Access Point (CAP) with proper permissions and using encrypted endpoints. Here's why:

A) AWS Organizations: While AWS Organizations provides centralized management and control, it does not inherently address the issue of securely sharing access to an S3 bucket across different AWS accounts.

B) Bucket Policies: Bucket policies can manage permissions at the bucket level, but they do not ensure that data is encrypted in transit between AWS accounts or provide a native mechanism for implementing cross-account access with encryption by default.

C) Data Lifecycle Policies: Data Lifecycle Policies help automate the management of objects within an S3 bucket, but they also do not inherently secure data in transit between AWS accounts.

D) Enable Cross-Account Access Point (CAP) with proper permissions and using encrypted endpoints: This solution directly addresses the requirement to share access to an S3 bucket across different AWS accounts while ensuring that data is encrypted in transit. CAP allows for secure cross-account access without having to manage complex IAM roles and policies or use VPC endpoints for all traffic, which can be costlier and more complex to manage.

E) VPC Endpoint for S3: While VPC Endpoints for S3 provide private and secure access to S3 buckets, they do not inherently enforce encryption of data in transit between AWS accounts. They are also a more complex solution that might not be necessary if the communication is already encrypted using SSL/TLS through CAP with encrypted endpoints.

Therefore, D) is the best answer as it provides a secure and efficient way to share S3 resources across different AWS accounts while ensuring data is protected both at rest and in transit.

Loading charts...

4306053
udemy ID
18/09/2021
course created date
30/09/2021
course indexed date
Bot
course submited by