Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam SOA-C02 Topic 4 Question 82 Discussion

Actual exam question for Amazon's SOA-C02 exam
Question #: 82
Topic #: 4
[All SOA-C02 Questions]

A company needs to archive all audit logs for 10 years. The company must protect the logs from any future edits.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: B

To meet the requirements of the workload, a company should store the data in an Amazon S3 Glacier vault and configure a vault lock policy for write-once, read-many (WORM) access. This will ensure that the data is stored securely and cannot be edited in the future. The other solutions (storing the data in an Amazon Elastic Block Store (Amazon EBS) volume and configuring AWS Key Management Service (AWS KMS) encryption, storing the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) and configuring server-side encryption, or storing the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) and configuring multi-factor authentication (MFA)) will not meet the requirements, as they do not provide a way to protect the audit logs from future edits.

https://docs.aws.amazon.com/zh_tw/AmazonS3/latest/userguide/object-lock.html


Contribute your Thoughts:

Johna
8 months ago
Hold on, guys. What about option C? It's also storing the data in S3, but with server-side encryption. That seems like a simpler and more cost-effective solution.
upvoted 0 times
Lura
7 months ago
Let's go with option B then for storing and protecting the audit logs.
upvoted 0 times
...
Freeman
7 months ago
Agreed, option B with the vault lock policy seems to be the best fit for the requirements.
upvoted 0 times
...
Rosalyn
8 months ago
I think option B would be the most secure and compliant solution for archiving audit logs.
upvoted 0 times
...
Reuben
8 months ago
Option A also provides encryption with AWS KMS for added security.
upvoted 0 times
...
Val
8 months ago
True, the WORM access in option B protects the data from any future edits.
upvoted 0 times
...
Harley
8 months ago
But option B offers the write-once, read-many access which is important for audit logs.
upvoted 0 times
...
Mila
8 months ago
Option C seems like a good choice for this scenario.
upvoted 0 times
...
...
Whitley
8 months ago
I'm with you, Goldie. And let's be honest, this is an exam question, so they're probably looking for the most robust and secure solution. WORM is the way to go.
upvoted 0 times
...
Lettie
8 months ago
True, but the WORM policy is a critical requirement. Without it, the logs could still be edited, and that's not an option.
upvoted 0 times
...
Goldie
8 months ago
Hmm, good point. Plus, with Glacier, we can be sure the data will be preserved for the full 10 years. I'm leaning more towards option B as well.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77