SSCP Access Controls • Set 4
SSCP Access Controls Practice Test 4 — 15 questions with explanations. Free, no signup.
Refer to the exhibit. A security analyst reviews this AWS IAM policy and notices that delete operations on objects in the corporate-bucket are being denied unexpectedly. What is the most likely issue?
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Action": "s3:DeleteObject",
"Resource": "arn:aws:s3:::corporate-bucket/*",
"Condition": {
"StringNotEquals": {
"s3:x-amz-server-side-encryption": "AES256"
}
}
},
{
"Effect": "Allow",
"Action": "s3:DeleteObject",
"Resource": "arn:aws:s3:::corporate-bucket/*"
}
]
}