Your IT Supervisor is worried about users accidentally deleting objects from an S3 bucket. Which of the following can help prevent accidental deletion of objects in an S3 bucket? (Select Three)

Answer options:

A.Enable encryption for the S3 bucket.
B.Enable MFA Delete on the S3 bucket.
C.Enable Versioning on the S3 bucket.
D.Enable IAM Roles on the S3 bucket.

Correct Answers – B, C, and D
AWS Documentation mentions the following.
When a user performs a DELETE operation on an object, subsequent simple (un-versioned) requests will no longer retrieve the object. However, all versions of that object will continue to be preserved in your Amazon S3 bucket and can be retrieved or restored.
Versioning’s MFA Delete capability, which uses multi-factor authentication, can be used to provide an additional layer of security. By default, all requests to your Amazon S3 bucket require your AWS account credentials. If you enable Versioning with MFA Delete on your Amazon S3 bucket, two forms of authentication are required to permanently delete a version of an object: your AWS account credentials and valid six-digit code and serial number from an authentication device in your physical possession.
For more information on the features of S3, please visit the following URL-
https://aws.amazon.com/s3/faqs/
To know more about Option D, Please refer to the below AWS Document.
https://aws.amazon.com/blogs/security/how-to-restrict-amazon-s3-bucket-access-to-a-specific-iam-role/