A company that builds document management systems recently performed a security review of its application on AWS. The review showed that uploads of documents through signed URLs into Amazon S3 could occur in the application without encryption in transit. A security engineer must implement a solution that prevents uploads that are not encrypted in transit. Which solution will meet this requirement?

Topic #: - All AWS Certified Security - Specialty Questions

A. Ensure that all client implementations are using HTTPS to upload documents into the application.
B. Configure the s3-bucket-ssl-requests-only managed rule in AWS Config.
C. Add an S3 bucket policy that denies all S3 actions for condition “aws:secureTransport”: “false”. Most Voted
D. Add an S3 bucket ACL with a grantee of AllUsers, a permission of WRITE, and a condition of secureTransport.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion