What does the Server-side encryption provide in Amazon S3?
Answer(s): A
Server-side encryption is about protecting data at rest. Server-side encryption with Amazon S3- managed encryption keys (SSE-S3) employs strong multi-factor encryption. Amazon S3 encrypts each object with a unique key. As an additional safeguard, it encrypts the key itself with a master key that it regularly rotates.
http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
A user is creating an S3 bucket policy. Which of the below mentioned elements the user will not include as part of it?
Answer(s): B
When creating an S3 bucket policy, the user needs to define the resource (which will have the bucket or the object), actions, effect and principal.They are explained below:Resources – Buckets and objects are the Amazon S3 resources for which user can allow or deny permissions.Actions – For each resource, Amazon S3 supports a set of operations. user identifies resource operations which will allow (or deny) by using action keywordsEffect – What the effect will be when the user requests the specific action—this can be either allow or deny.Principal – The account or user who is allowed access to the actions and resources in the statement. You specify principal only in a bucket policy. It is the user, account, service, or other entity who is the recipient of this permission. In a user policy, the user to which the policy is attached is the implicit principal.
http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-languageoverview.html
An IAM user is performing an operation on another account's S3 bucket. What will S3 first check in this context?
You can use in an Amazon S3 bucket policy for cross-account access, which means an AWS account can access resources in another AWS account.
Answer(s): D
You can use canonical user IDs in an Amazon S3 bucket policy for cross-account access, which means an AWS account can access resources in another AWS account. For example, to grant another AWS account access to your bucket, you specify the account's canonical user ID in the bucket's policy.
http://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html
A root account owner is trying to understand the S3 bucket ACL. Which choice below is a not a predefined group which can be granted object access via ACL?
An S3 bucket ACL grantee can be an AWS account or one of the predefined Amazon S3 groups. Amazon S3 has a set of predefined groups. When granting account access to a group, the user can specify one of the URLs of that group instead of a canonical user ID. Amazon S3 has the following predefined groups:. Authenticated Users group: It represents all AWS accounts.. All Users group: Access permission to this group allows anyone to access the resource.. Log Delivery group: WRITE permission on a bucket enables this group to write server access logs to the bucket.
http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
Share your comments for Amazon BDS-C00 exam with other users:
becoming interesting on the logical part of the cdbs and pdbs
some of the answers are incorrect, i would be wary of using this until an admin goes back and reviews all the answers
question # 267: federated operating model is also correct.
its helpful alot.
the questiosn from this braindumps are same as in the real exam. my passing mark was 84%.
it is an exam that measures your understanding of cloud computing resources provided by aws. these resources are aligned under 6 categories: storage, compute, database, infrastructure, pricing and network. with all of the services and typees of services under each category
good and very useful
i cleared the az-104 exam by scoring 930/1000 on the exam. it was all possible due to this platform as it provides premium quality service. thank you!
easy questions
could you please upload ad0-127 dumps
good content
understanding about joins
please upload oracle cloud infrastructure 2023 foundations associate exam braindumps. thank you.
questions made studying easy and enjoyable, passed on the first try!
has anyone recently attended safe 6.0 exam? did you see any questions from here?
question 13 should be dhcp option 43, right?
the buy 1 get 1 is a great deal. so far i have only gone over exam. it looks promissing. i report back once i write my exam.
is this dump good
good ................
passed
yes going good
good questions for practice
need dump and sap notes for c_s4cpr_2308 - sap certified application associate - sap s/4hana cloud, public edition - sourcing and procurement
question 11: d i personally feel some answers are wrong.
nice questions
looking for c1000-158: ibm cloud technical advocate v4 questions
can you share the pdf
admin ii is real technical stuff
could you post the link
hello send me dumps
it is very nice
i gave the amazon dva-c02 tests today and passed. very helpful.
there is an incorrect word in the problem statement. for example, in question 1, there is the word "speci c". this is "specific. in the other question, there is the word "noti cation". this is "notification. these mistakes make this site difficult for me to use.
passed my az-120 certification exam today with 90% marks. studied using the dumps highly recommended to all.