What is the security best practice concerning sensitive data stored in Amazon S3?
Enable cross-Region replication on the S3 bucket.
Enable S3 server-side encryption on the S3 bucket.
Configure AWS WAF to prevent unauthorized access to the S3 bucket.
Configure Amazon GuardDuty to prevent unauthorized access to the S3 bucket.
Explanations:
Cross-Region replication is useful for redundancy and availability but does not secure sensitive data.
Enabling server-side encryption protects sensitive data at rest, ensuring it is encrypted and secure.
AWS WAF helps protect web applications but is not directly focused on securing S3 bucket data.
Amazon GuardDuty provides threat detection but does not directly prevent unauthorized access to S3.