Multiple Choice
An Amazon S3 bucket is encrypted using an AWS KMS CMK. An IAM user is unable to download objects from the S3 bucket using the AWS Management Console; however, other users can download objects from the S3 bucket. Which policies should the Security Engineer review and modify to resolve this issue? (Choose three.)
A) The CMK policy
B) The VPC endpoint policy
C) The S3 bucket policy
D) The S3 ACL
E) The IAM policy
Correct Answer:
Verified
Correct Answer:
Verified
Q210: The AWS Systems Manager Parameter Store is
Q211: A Development team has built an experimental
Q212: An application has been written that publishes
Q213: A company is using AWS Organizations to
Q214: A company has complex connectivity rules governing
Q216: A company's security information events management (SIEM)
Q217: A distributed web application is installed across
Q218: The Security Engineer implemented a new vault
Q219: A company has Windows Amazon EC2 instances
Q220: The Security Engineer created a new AWS