A company that builds document management systems recently performed a security review of its application on AWS. The review showed that uploads of documents through signed URLs into Amazon S3 could occur in the application without encryption in transit. A security engineer must implement a solution that prevents uploads that are not encrypted in transit.
Which solution will meet this requirement?

A. Ensure that all client implementations are using HTTPS to upload documents into the application.

B. Configure the s3-bucket-ssl-requests-only managed rule in AWS Config.

C. Add an S3 bucket policy that denies all S3 actions for condition “aws:secureTransport”: “false”.

D. Add an S3 bucket ACL with a grantee of AllUsers, a permission of WRITE, and a condition of secureTransport.








 

Suggested Answer: C

Community Answer: C




This question is in SCS-C01 AWS Certified Security – Specialty Exam
For getting AWS Certified Security – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.