Answer-first summary for fast verification
Answer: Create an S3 bucket with Object Lock enabled. Store statements in S3 Intelligent-Tiering. Enable compliance mode with a default retention period of 2 years. Define an S3 Lifecycle policy to move the data to S3 Glacier after 2 years. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
Option C is the most cost-effective solution for the financial company's needs for several reasons: 1. **Object Lock**: Enabling Object Lock ensures that the bank account statements are immutable and cannot be deleted or altered, which is crucial for compliance and security. 2. **S3 Intelligent-Tiering**: This storage class is ideal for data with unknown or changing access patterns. It automatically moves data to the most cost-effective access tier without performance impact or operational overhead. For frequently accessed statements, it remains in the standard tier, while less frequently accessed data moves to a lower-cost tier. 3. **Compliance Mode**: By enabling compliance mode with a default retention period of 2 years, the company ensures that all statements are available for immediate access for users who need them within this period. 4. **S3 Lifecycle Policy**: After 2 years, the lifecycle policy moves the data to S3 Glacier, which is a low-cost, durable storage option suitable for long-term archiving. This meets the requirement to retain statements for at least 7 years. 5. **S3 Glacier Vault Lock Policy**: Attaching this policy with deny delete permissions for archives less than 7 years old ensures that the company's compliance policy is enforced, and the data cannot be deleted before the required retention period. In summary, option C provides a balance between cost-effectiveness and compliance, ensuring immediate access to frequently accessed data while also managing the lifecycle and retention of all statements according to the company's requirements.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A financial company is building a system to generate monthly, immutable bank account statements for its users. Statements are stored in Amazon S3. Users should have immediate access to their monthly statements for up to 2 years Some users access their statements frequently, whereas others rarely access their statements. The company's security and compliance policy requires that the statements be retained for at least 7 years. What is the MOST cost-effective solution to meet the company's needs?
A
Create an S3 bucket with Object Lock disabled. Store statements in S3 Standard. Define an S3 Lifecycle policy to transition the data to S3 Standard-Infrequent Access (S3 Standard-lA) after 30 days. Define another S3 Lifecycle policy to move the data to S3 Glacier Deep Archive after 2 years. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
B
Create an S3 bucket with versioning enabled. Store statements in S3 Intelligent- Tiering. Use same- Region replication to replicate objects to a backup S3 bucket. Define an S3 Lifecycle policy for the backup S3 bucket to move the data to S3 Glacier. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
C
Create an S3 bucket with Object Lock enabled. Store statements in S3 Intelligent-Tiering. Enable compliance mode with a default retention period of 2 years. Define an S3 Lifecycle policy to move the data to S3 Glacier after 2 years. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.
D
Create an S3 bucket with versioning disabled. Store statements in S3 One Zone-lnfrequent Access (S3 One Zone lA).Define an S3 Lifecycle policy to move the data to S3 Glacier Deep Archive after 2 years. Attach an S3 Glacier Vault Lock policy with deny delete permissions for archives less than 7 years old.