AWS Certified SysOps Administrator – Associate (legacy) — Question 14
With the threat of ransomware viruses encrypting and holding company data hostage, which action should be taken to protect an Amazon S3 bucket?
Answer options
- A. Deny Post, Put, and Delete on the bucket
- B. Enable server-side encryption on the bucket
- C. Enable Amazon S3 versioning on the bucket
- D. Enable snapshots on the bucket
Correct answer: B
Explanation
Enabling server-side encryption on the bucket ensures that data is encrypted at rest, making it less vulnerable to unauthorized access or ransomware attacks. The other options, while they may enhance security in different ways, do not specifically address the encryption of data, which is critical in preventing ransomware from holding data hostage.