Q25 — AWS DVA-C02 Ch.1
Question 25 of 100 | ← Chapter 1
A company has an Amazon S3 bucket containing premium content. The company intends to deliver this premium content exclusively to its paid subscribers. The S3 bucket currently has default private permissions on all objects to prevent accidental exposure of premium content to non-subscribers.
- A. Apply a bucket policy that allows anonymous users to download content from the S3 bucket.
- B. Generate presigned object URLs for premium content files when a paid subscriber requests a download. ✓
- C. Add a bucket policy requiring multi-factor authentication (MFA) for requests accessing S3 bucket objects.
- D. Enable server-side encryption on the S3 bucket to protect data from non-paying website visitors.
Correct Answer: B. Generate presigned object URLs for premium content files when a paid subscriber requests a download.
Explanation
Presigned URLs provide time-limited, secure access to private S3 objects without exposing credentials or granting broad permissions. They are ideal for delivering premium content exclusively to authenticated paid subscribers for a limited duration.