SCS-C02 • Mock Exam 75
Free SCS-C02 mock exam — 25 questions with explanations. Set 75. No signup required.
A company has an S3 bucket that stores financial records. The security team wants to ensure that any object uploaded to the bucket is automatically encrypted with a specific AWS KMS key. The team creates a bucket policy that denies s3:PutObject unless the request includes the correct encryption header. However, some users who upload objects using the AWS Management Console report that their uploads fail. What is the most likely cause?