ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 161 - SCS-C02 discussion

Report
Export

A security engineer needs to see up an Amazon CloudFront distribution for an Amazon S3 bucket that hosts a static website. The security engineer must allow only specified IP addresses to access the website. The security engineer also must prevent users from accessing the website directly by using S3 URLs.

Which solution will meet these requirements?

A.
Generate an S3 bucket policy. Specify cloudfront amazonaws com as the principal. Use the aws Sourcelp condition key to allow access only if the request conies from the specified IP addresses.
Answers
A.
Generate an S3 bucket policy. Specify cloudfront amazonaws com as the principal. Use the aws Sourcelp condition key to allow access only if the request conies from the specified IP addresses.
B.
Create a CloudFront origin access identity (OAl). Create the S3 bucket policy so that only the OAl has access. Create an AWS WAF web ACL and add an IP set rule. Associate the web ACL with the CloudFront distribution.
Answers
B.
Create a CloudFront origin access identity (OAl). Create the S3 bucket policy so that only the OAl has access. Create an AWS WAF web ACL and add an IP set rule. Associate the web ACL with the CloudFront distribution.
C.
Implement security groups to allow only the specified IP addresses access and to restrict S3 bucket access by using the CloudFront distribution.
Answers
C.
Implement security groups to allow only the specified IP addresses access and to restrict S3 bucket access by using the CloudFront distribution.
D.
Create an S3 bucket access point to allow access from only the CloudFront distribution. Create an AWS WAF web ACL and add an IP set rule. Associate the web ACL with the CloudFront distribution.
Answers
D.
Create an S3 bucket access point to allow access from only the CloudFront distribution. Create an AWS WAF web ACL and add an IP set rule. Associate the web ACL with the CloudFront distribution.
Suggested answer: B
asked 16/09/2024
Bogdan Karolic
39 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first