Amazon AWS-CERTIFIED-BIG-DATA-SPECIALTY AWS-Certified-Big-Data-Specialty Dumps in PDF

Free Amazon AWS-Certified-Big-Data-Specialty Real Questions (page: 16)

What does the Server-side encryption provide in Amazon S3?

  1. Server-side encryption protects data at rest using Amazon S3-managed encryption keys (SSE-S3).
  2. Server-side encryption doesn't exist for Amazon S3, but only for Amazon EC2.
  3. Server-side encryption allows to upload files using an SSL endpoint for a secure transfer.
  4. Server-side encryption provides an encrypted virtual disk in the cloud.

Answer(s): A

Explanation:

Server-side encryption is about protecting data at rest. Server-side encryption with Amazon S3- managed encryption keys (SSE-S3) employs strong multi-factor encryption. Amazon S3 encrypts each object with a unique key. As an additional safeguard, it encrypts the key itself with a master key that it regularly rotates.


Reference:

http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html



A user is creating an S3 bucket policy. Which of the below mentioned elements the user will not include as part of it?

  1. Actions
  2. Buckets
  3. Principal
  4. Resource

Answer(s): B

Explanation:

When creating an S3 bucket policy, the user needs to define the resource (which will have the bucket or the object), actions, effect and principal.
They are explained below:
Resources – Buckets and objects are the Amazon S3 resources for which user can allow or deny permissions.
Actions – For each resource, Amazon S3 supports a set of operations. user identifies resource operations which will allow (or deny) by using action keywords
Effect – What the effect will be when the user requests the specific action—this can be either allow or deny.
Principal – The account or user who is allowed access to the actions and resources in the statement. You specify principal only in a bucket policy. It is the user, account, service, or other entity who is the recipient of this permission. In a user policy, the user to which the policy is attached is the implicit principal.


Reference:

http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-languageoverview.html



An IAM user is performing an operation on another account's S3 bucket. What will S3 first check in this context?

  1. Verifies that the bucket has the required policy defined for access the IAM user
  2. Verifies if the parent account of the IAM user has granted sufficient permission
  3. Reject the request since the IAM user does not belong to the root account
  4. Verifies if the IAM policy is available for the root account to provide permission to the other IAM users

Answer(s): B



You can use in an Amazon S3 bucket policy for cross-account access, which means an AWS account can access resources in another AWS account.

  1. access key IDs
  2. secret access keys
  3. account IDs
  4. canonical user IDs

Answer(s): D

Explanation:

You can use canonical user IDs in an Amazon S3 bucket policy for cross-account access, which means an AWS account can access resources in another AWS account. For example, to grant another AWS account access to your bucket, you specify the account's canonical user ID in the bucket's policy.


Reference:

http://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html



A root account owner is trying to understand the S3 bucket ACL. Which choice below is a not a predefined group which can be granted object access via ACL?

  1. Canonical user group
  2. Log Delivery Group
  3. All users group
  4. Authenticated user group

Answer(s): A

Explanation:

An S3 bucket ACL grantee can be an AWS account or one of the predefined Amazon S3 groups. Amazon S3 has a set of predefined groups. When granting account access to a group, the user can specify one of the URLs of that group instead of a canonical user ID. Amazon S3 has the following predefined groups:
. Authenticated Users group: It represents all AWS accounts.
. All Users group: Access permission to this group allows anyone to access the resource.
. Log Delivery group: WRITE permission on a bucket enables this group to write server access logs to the bucket.


Reference:

http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html



Share your comments for Amazon AWS-Certified-Big-Data-Specialty exam with other users:

V
vv
12/2/2023 2:45:00 PM

good ones for exam preparation

D
Danny Zas
9/15/2023 4:45:00 AM

this is a good experience

S
SM 1211
10/12/2023 10:06:00 PM

hi everyone

A
A
10/2/2023 6:08:00 PM

waiting for the dump. please upload.

A
Anonymous
7/16/2023 11:05:00 AM

upload cks exam questions

J
Johan
12/13/2023 8:16:00 AM

awesome training material

P
PC
7/28/2023 3:49:00 PM

where is dump

Y
YoloStar Yoloing
10/22/2023 9:58:00 PM

q. 289 - the correct answer should be b not d, since the question asks for the most secure way to provide access to a s3 bucket (a single one), and by principle of the least privilege you should not be giving access to all buckets.

Z
Zelalem Nega
5/14/2023 12:45:00 PM

please i need if possible h12-831,

U
unknown-R
11/23/2023 7:36:00 AM

good collection of questions and solution for pl500 certification

S
Swaminathan
5/11/2023 9:59:00 AM

i would like to appear the exam.

V
Veenu
10/24/2023 6:26:00 AM

i am very happy as i cleared my comptia a+ 220-1101 exam. i studied from as it has all exam dumps and mock tests available. i got 91% on the test.

K
Karan
5/17/2023 4:26:00 AM

need this dump

R
Ramesh Kutumbaka
12/30/2023 11:17:00 PM

its really good to eventuate knowledge before appearing for the actual exam.

A
anonymous
7/20/2023 10:31:00 PM

this is great

X
Xenofon
6/26/2023 9:35:00 AM

please i want the questions to pass the exam

D
Diego
1/21/2024 8:21:00 PM

i need to pass exam

V
Vichhai
12/25/2023 3:25:00 AM

great, i appreciate it.

P
P Simon
8/25/2023 2:39:00 AM

please could you upload (isc)2 certified in cybersecurity (cc) exam questions

K
Karim
10/8/2023 8:34:00 PM

good questions, wrong answers

I
Itumeleng
1/6/2024 12:53:00 PM

im preparing for exams

M
MS
1/19/2024 2:56:00 PM

question no: 42 isnt azure vm an iaas solution? so, shouldnt the answer be "no"?

K
keylly
11/28/2023 10:10:00 AM

im study azure

D
dorcas
9/22/2023 8:08:00 AM

i need this now

T
treyf
11/9/2023 5:13:00 AM

i took the aws saa-c03 test and scored 935/1000. it has all the exam dumps and important info.

A
anonymous
1/11/2024 4:50:00 AM

good questions

A
Anjum
9/23/2023 6:22:00 PM

well explained

T
Thakor
6/7/2023 11:52:00 PM

i got the full version and it helped me pass the exam. pdf version is very good.

S
sartaj
7/18/2023 11:36:00 AM

provide the download link, please

L
loso
7/25/2023 5:18:00 AM

please upload thank.

P
Paul
6/23/2023 7:12:00 AM

please can you share 1z0-1055-22 dump pls

E
exampei
10/7/2023 8:14:00 AM

i will wait impatiently. thank youu

P
Prince
10/31/2023 9:09:00 PM

is it possible to clear the exam if we focus on only these 156 questions instead of 623 questions? kindly help!

A
Ali Azam
12/7/2023 1:51:00 AM

really helped with preparation of my scrum exam

AI Tutor 👋 I’m here to help!