Multiple Choice
A Security Administrator has a website hosted in Amazon S3. The Administrator has been given the following requirements: Users may access the website by using an Amazon CloudFront distribution. Users may not access the website directly by using an Amazon S3 URL. Which configurations will support these requirements? (Choose two.)
A) Associate an origin access identity with the CloudFront distribution.
B) Implement a "Principal": "cloudfront.amazonaws.com" condition in the S3 bucket policy. Implement a "Principal": "cloudfront.amazonaws.com" condition in the S3 bucket policy.
C) Modify the S3 bucket permissions so that only the origin access identity can access the bucket contents.
D) Implement security groups so that the S3 bucket can be accessed only by using the intended CloudFront distribution.
E) Configure the S3 bucket policy so that it is accessible only through VPC endpoints, and place the CloudFront distribution into the specified VPC.
Correct Answer:
Verified
Correct Answer:
Verified
Q5: A company has hundreds of AWS accounts,
Q6: A developer is building a serverless application
Q7: A Security Engineer received an AWS Abuse
Q8: A company wants to deploy a distributed
Q9: The Security team believes that a former
Q11: A company's security engineer has been asked
Q12: A company has an application hosted in
Q13: A Software Engineer wrote a customized reporting
Q14: A company will store sensitive documents in
Q15: A company has a serverless application for