Multiple Choice
A company uses Amazon S3 to store documents that may only be accessible to an Amazon EC2 instance in a certain virtual private cloud (VPC) . The company fears that a malicious insider with access to this instance could also set up an EC2 instance in another VPC to access these documents. Which of the following solutions will provide the required protection?
A) Use an S3 VPC endpoint and an S3 bucket policy to limit access to this VPC endpoint.
B) Use EC2 instance profiles and an S3 bucket policy to limit access to the role attached to the instance profile.
C) Use S3 client-side encryption and store the key in the instance metadata.
D) Use S3 server-side encryption and protect the key with an encryption context.
Correct Answer:
Verified
Correct Answer:
Verified
Q798: A financial services company has an on-premises
Q799: Your department creates regular analytics reports from
Q800: A user is creating a snapshot of
Q801: A user is sending a custom metric
Q802: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1091/.jpg" alt=" An organization has
Q804: A large global financial services company has
Q805: Does Autoscaling automatically assign tags to resources?<br>A)
Q806: IAM users do not have permission to
Q807: As a part of building large applications
Q808: A company is planning to migrate an