Q57 — AWS SAA-C03 Ch.5

Question 57 of 65 | ← Chapter 5

Q357. A company uses AWS and sells access to copyrighted images. The company's global customer base needs to be able to access these images quickly. The company must deny access to users from specific countries.The company wants to minimize costs as much as possible.Which solution will meet these requirements?

Correct Answer: D. Use Amazon S3 to store the images. Use Amazon CloudFront to distribute the images with geographic restrictions. Provide a signed URL for each customer to access the data in CloudFront

Explanation

Option D will meet the given requirements.D. Use Amazon S3 to store the images. Use Amazon CloudFront to distribute the images with geographic restrictions. Provide a signed URL for each customer to access the data in CloudFront:This solution uses Amazon S3 to store the copyrighted images and Amazon CloudFront to distribute them globally with geographic restrictions, thus ensuring that only customers from allowed countries can access the data. Using signed URLs enables the company to provide secure access to these images while minimizing costs by leveraging the global network of CloudFront edge locations. This solution also eliminates the need to create IAM users or deploy EC2 instances in specific countries, simplifying the architecture.Option A is not a recommended best practice as it involves unnecessarily enabling multi-factor authentication (MFA) and public bucket access, which could pose a security risk. Option B is not scalable as creating an IAM user for each customer can quickly become unmanageable. Option C requires the deployment of separate EC2 instances in each country, which can be expensive and difficult to manage.