SCS-C02 Domain 5: Data Protection

A hybrid environment must support a goal to implement S3 Object Lock for WORM without changing application code. What should you implement? implement S3 Object Lock for WORM.

Multiple choice — select one answer

Answer choices

  1. a. SSE-KMS
  2. b. S3 Object Lock governance/compliance modes
  3. c. Amazon Macie
  4. d. TLS 1.2+ on ALB/API and s3:// policies

Architectural breakdown & explanation

Object Lock prevents deletion during retention.

Correct answer(s): b. S3 Object Lock governance/compliance modes

Exam domain: Domain 5: Data Protection (20% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Security – Specialty bank. Run a full timed practice exam with domain-weighted random questions in your browser.