Multiple Choice
A company using AWS Organizations requires that no Amazon S3 buckets in its production accounts should ever be deleted. What is the SIMPLEST approach the SysOps administrator can take to ensure S3 buckets in those accounts can never be deleted?
A) Set up MFA Delete on all the S3 buckets to prevent the buckets from being deleted.
B) Use service control policies to deny the s3:DeleteBucket action on all buckets in production accounts. Use service control policies to deny the s3:DeleteBucket action on all buckets in production accounts.
C) Create an IAM group that has an IAM policy to deny the s3:DeleteBucket action on all buckets in production accounts. Create an IAM group that has an IAM policy to deny the
D) Use AWS Shield to deny the s3:DeleteBucket action on the AWS account instead of all S3 buckets. Use AWS Shield to deny the action on the AWS account instead of all S3 buckets.
Correct Answer:
Verified
Correct Answer:
Verified
Q18: A company is running a website on
Q19: A company is running a serverless application
Q20: A SysOps administrator has created a VPC
Q21: A new website will run on Amazon
Q22: A SysOps administrator is deploying an application
Q24: A company's IT department noticed an increase
Q25: A SysOps administrator notices a scale-up event
Q26: A company hosts an online shopping portal
Q27: A company uses an Amazon Elastic File
Q28: A company has a VPC with public