DEA-C01 Data Security and Governance • Set 5
DEA-C01 Data Security and Governance Practice Test 5 — 15 questions with explanations. Free, no signup.
A company is using Amazon S3 to store sensitive data. The security team requires that all objects be encrypted using server-side encryption with AWS KMS (SSE-KMS) and that the bucket policy denies any PutObject request that does not include the required encryption header. Which bucket policy condition should be added?