Multiple Choice
During a recent security audit, it was discovered that multiple teams in a large organization have placed restricted data in multiple Amazon S3 buckets, and the data may have been exposed. The auditor has requested that the organization identify all possible objects that contain personally identifiable information (PII) and then determine whether this information has been accessed. What solution will allow the Security team to complete this request?
A) Using Amazon Athena, query the impacted S3 buckets by using the PII query identifier function. Then, create a new Amazon CloudWatch metric for Amazon S3 object access to alert when the objects are accessed.
B) Enable Amazon Macie on the S3 buckets that were impacted, then perform data classification. For identified objects that contain PII, use the research function for auditing AWS CloudTrail logs and S3 bucket logs for GET operations.
C) Enable Amazon GuardDuty and enable the PII rule set on the S3 buckets that were impacted, then perform data classification. Using the PII findings report from GuardDuty, query the S3 bucket logs by using Athena for GET operations.
D) Enable Amazon Inspector on the S3 buckets that were impacted, then perform data classification. For identified objects that contain PII, query the S3 bucket logs by using Athena for GET operations.
Correct Answer:
Verified
Correct Answer:
Verified
Q74: A security team is responsible for reviewing
Q75: The Security Engineer is managing a traditional
Q76: A company's Developers plan to migrate their
Q77: Auditors for a health care company have
Q78: An organization is using AWS CloudTrail, Amazon
Q80: A financial institution has the following security
Q81: A Security Engineer is working with a
Q82: A threat assessment has identified a risk
Q83: An organization is using Amazon CloudWatch Logs
Q84: The Security Engineer for a mobile game