Answer-first summary for fast verification
Answer: Create separate S3 buckets in each region and enforce TLS for all API calls to the buckets.
While cross-region replication (A) can be useful for data availability, it does not provide a direct method for secure access between regions. Using a VPN gateway (B) is not necessary for S3 access, as S3 is a public service. Private VIFs (C) are used for cross-AZ networking, not cross-region. The most effective approach (D) is to enforce TLS for all API calls to the S3 buckets in each region. This ensures that the data in transit is encrypted and protected from unauthorized access.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are designing a system that requires secure access to an Amazon S3 bucket from multiple regions. Which of the following approaches would be most effective in ensuring the confidentiality and integrity of data in transit?
A
Use a single S3 bucket and enable cross-region replication.
B
Create separate S3 buckets in each region and use a VPN gateway to connect them.
C
Create separate S3 buckets in each region and use private VIFs for cross-region networking.
D
Create separate S3 buckets in each region and enforce TLS for all API calls to the buckets.
No comments yet.