AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
A company is partnering with a vendor to process customer data. The company uploads sensitive data files as objects into an Amazon S3 bucket, from which the vendor downloads the objects for processing. A security engineer needs to ensure that these objects do not remain in the S3 bucket for more than 72 hours. Which solution should the security engineer implement to meet this requirement?
A
Use Amazon Macie to scan the S3 bucket for sensitive data every 72 hours. Configure Macie to delete the objects that contain sensitive data when they are discovered.
B
Configure an S3 Lifecycle rule on the S3 bucket to expire objects that have been in the S3 bucket for 72 hours.
C
Create an Amazon EventBridge scheduled rule that invokes an AWS Lambda function every day. Program the Lambda function to remove any objects that have been in the S3 bucket for 72 hours.
D
Use the S3 Intelligent-Tiering storage class for all objects that are uploaded to the S3 bucket. Use S3 Intelligent-Tiering to expire objects that have been in the S3 bucket for 72 hours.