Amazon Exam SCS-C01 Topic 2 Question 15 Discussion

Actual exam question for Amazon's SCS-C01 exam

Question #: 15
Topic #: 2

A company is hosting a static website on Amazon S3 The company has configured an Amazon CloudFront distribution to serve the website contents The company has associated an AWS WAF web ACL with the CloudFront distribution. The web ACL ensures that requests originate from the United States to address compliance restrictions.

THE company is worried that the S3 URL might still be accessible directly and that requests can bypass the CloudFront distribution

Which combination of steps should the company take to remove direct access to the S3 URL? (Select TWO. )

ASelect 'Restrict Bucket Access' in the origin settings of the CloudFront distribution

BCreate an origin access identity (OAI) for the S3 origin

CUpdate the S3 bucket policy to allow s3 GetObject with a condition that the aws Referer key matches the secret value Deny all other requests

DConfigure the S3 bucket poky so that only the origin access identity (OAI) has read permission for objects in the bucket

EAdd an origin custom header that has the name Referer to the CloudFront distribution Give the header a secret value.

Show Suggested Answer

Suggested Answer: A, D

by Lashon at May 04, 2022, 12:34 PM

Limited Time Offer

25%

Off

Get Premium SCS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!