An application hosted on AWS uses object storage for storing internal reports that are accessed daily by the CFO. Currently, these reports are publicly available.How should a Solutions Architect re-design this architecture to prevent unauthorized access to these reports?

Question

Accepted Answer

Store the files on Amazon S3 and use the application to generate S3 pre-signed URLs to users.

Answer

Encrypt the files on the client side and store the files on Amazon Glacier, then decrypt the reports on the client side.

Answer

Move the files to Amazon ElastiCache and provide a username and password for downloading the reports.

Answer

Specify the use of AWS KMS server-side encryption at the time of an object creation on Amazon S3.

Home / Amazon / SAA-C01 / Question 127

Question 127

An application hosted on AWS uses object storage for storing internal reports that are accessed daily by the CFO. Currently, these reports are publicly available.How should a Solutions Architect re-design this architecture to prevent unauthorized access to these reports?

Answers

A. Encrypt the files on the client side and store the files on Amazon Glacier, then decrypt the reports on the client side.

B. Move the files to Amazon ElastiCache and provide a username and password for downloading the reports.

C. Specify the use of AWS KMS server-side encryption at the time of an object creation on Amazon S3.

D. Store the files on Amazon S3 and use the application to generate S3 pre-signed URLs to users.

Comments