Free Access Amazon.SCS-C01.v2024-04-28.q455 Practice Test (Page 2)

Question 1

You have an S3 bucket hosted in AWS. This is used to host promotional videos uploaded by yourself. You need to provide access to users for a limited duration of time. How can this be achieved?
Please select:

A.Use versioning and enable a timestamp for each version

B.Use Pre-signed URL's

C.Use IAM Roles with a timestamp to limit the access

D.Use IAM policies with a timestamp to limit the access

Question 2

Which of the following is the most efficient way to automate the encryption of AWS CloudTrail logs using a Customer Master Key (CMK) in AWS KMS?

A.Configure CloudTrail to use server-side encryption using KMS-managed keys to encrypt and decrypt CloudTrail logs.

B.Use the KMS direct encrypt function on the log data every time a CloudTrail log is generated.

C.Use encrypted API endpoints so that all AWS API calls generate encrypted CloudTrail log entries using the TLS certificate from the encrypted API call.

D.Use the default Amazon S3 server-side encryption with S3-managed keys to encrypt and decrypt the CloudTrail logs.

Question 3

A Security Engineer is working with the development team to design a supply chain application that stores sensitive inventory data in an Amazon S3 bucket. The application will use an IAM KMS customer master key (CMK) to encrypt the data on Amazon S3. The inventory data on Amazon S3 will be shared of vendors. All vendors will use IAM principals from their own IAM accounts to access the data on Amazon S3. The vendor list may change weekly, and the solution must support cross-account access.
What is the MOST efficient way to manage access control for the KMS CMK7?

A.Use KMS grants to manage key access. Programmatically create and revoke grants to manage vendor access.

B.Use KMS key policies to manage key access. Programmatically update the KMS key policies to manage vendor access.

C.Use an IAM role to manage key access. Programmatically update the IAM role policies to manage vendor access.

D.Use delegated access across IAM accounts by using IAM roles to manage key access. Programmatically update the IAM trust policy to manage cross-account vendor access.

Question 4

A Security Engineer who was reviewing AWS Key Management Service (AWS KMS) key policies found this statement in each key policy in the company AWS account.

What does the statement allow?

A.All principals from account 111122223333 to use the key but only on Amazon S3.

B.Only the root user from account 111122223333 to use the key.

C.Only principals from account 111122223333 that have an IAM policy applied that grants access to this key to use the key.

D.All principals from all AWS accounts to use the key.

Question 5

Your company manages thousands of EC2 Instances. There is a mandate to ensure that all servers don't have any critical security flaws. Which of the following can be done to ensure this? Choose 2 answers from the options given below.
Please select:

A.Use AWS Config to ensure that the servers have no critical flaws.

B.Use AWS inspector to ensure that the servers have no critical flaws.

C.Use AWS inspector to patch the servers

D.Use AWS SSM to patch the servers

Other Version: 4731Amazon.SCS-C01.v2023-11-28.q513; 3943Amazon.SCS-C01.v2022-12-23.q273; 4473Amazon.SCS-C01.v2022-07-23.q183; 8580Amazon.SCS-C01.v2022-05-08.q476; 83Amazon.Prepawaytest.SCS-C01.v2021-09-29.by.norton.139q.pdf

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 292Nokia.4A0-113.v2026-05-01.q69; 251EC-COUNCIL.312-49v11.v2026-04-30.q214; 227Microsoft.MB-820.v2026-04-30.q101; 207Salesforce.MC-202.v2026-04-30.q57; 204BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 457EMC.D-AV-DY-23.v2026-04-27.q184; 1109ServiceNow.CSA.v2026-04-27.q483

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File