AWS Certified Cloud Practitioner — Question 153

What is the security best practice concerning sensitive data stored in Amazon S3?

Answer options

• A. Enable cross-Region replication on the S3 bucket.
• B. Enable S3 server-side encryption on the S3 bucket.
• C. Configure AWS WAF to prevent unauthorized access to the S3 bucket.
• D. Configure Amazon GuardDuty to prevent unauthorized access to the S3 bucket.

Correct answer: B

Explanation

The correct answer is B because enabling S3 server-side encryption ensures that sensitive data stored in S3 is automatically encrypted at rest, providing an essential layer of security. Options A, C, and D, while useful for data management and security, do not specifically address the encryption of sensitive data itself.