A company is running a two-tier ecommerce application in one AWS account. The web server is deployed using an Amazon RDS for MySQL Multi-AZ DB instance. A Developer mistakenly deleted the database in the production environment. The database has been restored, but this resulted in hours of downtime and lost revenue.
Which combination of changes in existing IAM policies should a Database Specialist make to prevent an error like this from happening in the future? (Choose three.)

A. Grant least privilege to groups, users, and roles

B. Allow all users to restore a database from a backup that will reduce the overall downtime to restore the database

C. Enable multi-factor authentication for sensitive operations to access sensitive resources and API operations

D. Use policy conditions to restrict access to selective IP addresses

E. Use AccessList Controls policy type to restrict users for database instance deletion

F. Enable AWS CloudTrail logging and Enhanced Monitoring




 

Suggested Answer: ACD

Community Answer: ACD




This question is in DBS-C01 AWS Certified Database – Specialty Exam
For getting AWS Certified Database – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.