AWS Certified Solutions Architect – Associate (SAA-C02) — Question 72

A company uses an Amazon S3 bucket to store static images for its website. The company configured permissions to allow access to Amazon S3 objects by privileged users only.
What should a solutions architect do to protect against data loss? (Choose two.)

Answer options

• A. Enable versioning on the S3 bucket.
• B. Enable access logging on the S3 bucket.
• C. Enable server-side encryption on the S3 bucket.
• D. Configure an S3 lifecycle rule to transition objects to Amazon S3 Glacier.
• E. Use MFA Delete to require multi-factor authentication to delete an object.

Correct answer: A, E

Explanation

Enabling versioning on the S3 bucket protects against accidental deletions or overwrites by allowing the recovery of previous versions of an object. Using MFA Delete adds an additional layer of security by requiring multi-factor authentication to delete objects, thus minimizing the risk of unauthorized deletions. The other options, while useful for security and management, do not specifically address data loss prevention.