AWS Certified Solutions Architect Associate SAA-C03 Practice Question

A Solutions Architect must create a secure storage solution for confidential client documents at a law firm. The design needs to enforce strict permissions and ensure documents are only retained as long as legally necessary before being removed from storage. Which configuration would best meet the firm's operational and legal requirements?

  • Implement key management service policies to expire encryption on objects, effectively rendering them inaccessible post-retention.

  • Utilize a Glacier Vault with Lock policies, scheduling vault lock-in to meet the retention timeline and manually manage deletions.

  • Deploy an S3 bucket with appropriate Bucket Policies and IAM roles, setting lifecycle policies to remove documents after the predetermined retention duration.

  • Configure S3 Object Lock to enforce a strict WORM (Write Once Read Many) model until documents are manually purged post-retention.

AWS Certified Solutions Architect Associate SAA-C03
Design Secure Architectures
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot