AWS Certified SysOps Administrator – Associate (legacy) — Question 3

Recently several critical files were mistakenly deleted from a shared Amazon S3 bucket. A SysOps Administrator needs to prevent accidental deletions from occurring in the future by enabling MFA Delete.
Once enabled, which bucket activities will require MFA authentication? (Choose two.)

Answer options

• A. Permanently removing an object version from the bucket
• B. Disabling default object encryption for the bucket
• C. Listing all versions of deleted objects in the bucket
• D. Suspending versioning on the bucket
• E. Enabling MFA Add on the bucket

Correct answer: C, E

Explanation

The correct answers are C and E because MFA Delete specifically requires multi-factor authentication for certain actions such as listing object versions and enabling MFA Delete itself. The other options, like disabling encryption or suspending versioning, do not require MFA authentication.