Multiple Choice
An organization stores sensitive customer in S3 buckets protected by bucket policies. Recently, there have been reports that unauthorized entities within the company have been trying to access the data on those S3 buckets. The Chief Information Security Officer (CISO) would like to know which buckets are being targeted and determine who is responsible for trying to access that information. Which steps should a SysOps Administrator take to meet the CISO's requirement? (Choose two.)
A) Enable Amazon S3 Analytics on all affected S3 buckets to obtain a report of which buckets are being accessed without authorization.
B) Enable Amazon S3 Server Access Logging on all affected S3 buckets and have the logs stored in a bucket dedicated for logs.
C) Use Amazon Athena to query S3 Analytics report for HTTP 403 errors, and determine the IAM user or role making the requests.
D) Use Amazon Athena to query the S3 Server Access Logs for HTTP 403 errors, and determine the IAM user or role making the requests.
E) Use Amazon Athena to query the S3 Server Access Logs for HTTP 503 errors, and determine the IAM user or role making the requests.
Correct Answer:
Verified
Correct Answer:
Verified
Q273: A SysOps Administrator wants to automate the
Q274: A SysOps Administrator needs to confirm that
Q275: AWS IAM permissions can be assigned in
Q276: A company has deployed its infrastructure using
Q277: A user is observing the EC2 CPU
Q279: A user has created a Cloudformation stack.
Q280: An Application team has asked a SysOps
Q281: A new application runs on Amazon EC2
Q282: A SysOps administrator is evaluating Amazon Route
Q283: What does the AWS Storage Gateway provide?<br>A)