Questions 22 to 24

Explanations for questions 22 to 24

We'll cover the following

Question 22
Question 23
Question 24

Question 22

An organization is creating a new storage solution and needs to ensure that Amazon S3 objects that are deleted are immediately restorable for up to 30 days. After 30 days, the objects should be retained for 180 more days and be restorable within 24 hours.

The solution should be operationally simple and cost-effective. How can these requirements be achieved? (Select TWO)

Enable object versioning on the Amazon S3 bucket that will contain the objects.
Create a lifecycle rule to transition non-current versions to GLACIER after 30 days, and then expire the objects after 180 days.
Enable Multi-Factor Authentication (MFA) delete protection.
Enable Cross-Region Replication (CRR) for the Amazon S3 bucket that will contain the objects.
Create a lifecycle rule to transition non-current versions to STANDARD_IA after 30 days, and then expire the objects after 180 days.

Correct Answer: 1, 2

Explanation: Object Versioning is a means of keeping multiple variants of an object in the same Amazon S3 bucket. When you delete an object in a versioning enabled bucket, the object is not deleted. Instead a delete marker is added, and the object is considered “non-current”. In this case, we can then transition the non-current versions to GLACIER after 30 days (as we need immediate recoverability for 30 days), and then expire the object after 180 days as they are no longer required to be recoverable.

CORRECT: “Enable object versioning on the Amazon S3 bucket that will contain the objects.” is the correct answer.

CORRECT: “Create a lifecycle rule to transition non-current versions to GLACIER after 30 days, and then expire the objects after 180 days.” is the correct answer.

INCORRECT: “Enable Multi-Factor Authentication (MFA) delete protection.” is incorrect. Multi-Factor Authentication (MFA) delete is a way of adding an extra layer of security to prevent accidental deletion. That’s not what we’re looking to do here. We don’t want to add any additional operational elements; we just need the ability to restore if we accidentally delete something.

INCORRECT: “Enable Cross-Region Replication (CRR) for the Amazon S3 bucket that will contain the objects.” is incorrect. Cross-Region Replication (CRR) is used for replicating the entire bucket to another region. This provides disaster recovery and a full additional copy of data. This is not the most cost-effective solution as you have 2 full copies of your data. However, deletions are not replicated, so it does provide protection from deleting objects.

INCORRECT: “Create a lifecycle rule to transition non-current versions to STANDARD_IA after 30 days, and then expire the objects after 180 days.” is incorrect. Transitioning to STANDARD_IA is less cost-effective than transitioning to GLACIER. As we only need recoverability within 24 hours, GLACIER is the best option.

References:

https://d0.awsstatic.com/whitepapers/protecting-s3-against-object-deletion.pdf

Level up your interview prep. Join Educative to access 70+ hands-on prep courses.

Introduction

Getting Started

Compute

Storage

AWS Database

Migration

Networking and Content Delivery

Management Tools

Media Services

Analytics

AWS Security, Identity, & Compliance

Application Integration

AWS Desktop & App Streaming

Wrapping Up

Practice Exam 1

Practice Exam 1 Explanations

Practice Exam 2

Practice Exam 2 Explanations

Practice Exam 3

Practice Exam 3 Explanations

Practice Exam 4

Practice Exam 4 Explanations

Practice Exam 5

Practice Exam 5 Explanations

Practice Exam 6

Practice Exam 6 Explanations

Questions 22 to 24

Question 22