Multiple Choice
A developer reported that AWS CloudTrail was disabled on their account. A security engineer investigated the account and discovered the event was undetected by the current security solution. The security engineer must recommend a solution that will detect future changes to the CloudTrail configuration and send alerts when changes occur. What should the security engineer do to meet these requirements?
A) Use AWS Resource Access Manager (AWS RAM) to monitor the AWS CloudTrail configuration. Send notifications using Amazon SNS.
B) Create an Amazon CloudWatch Events rule to monitor Amazon GuardDuty findings. Send email notifications using Amazon SNS.
C) Update security contact details in AWS account settings for AWS Support to send alerts when suspicious activity is detected.
D) Use Amazon Inspector to automatically detect security issues. Send alerts using Amazon SNS.
Correct Answer:
Verified
Correct Answer:
Verified
Q182: Example.com hosts its internal document repository on
Q183: Unapproved changes were previously made to a
Q184: An employee accidentally exposed an AWS access
Q185: A company's security policy requires that VPC
Q186: In response to the past DDoS attack
Q188: A Security Engineer for a large company
Q189: A company uses multiple AWS accounts managed
Q190: A company recently performed an annual security
Q191: An organization has tens of applications deployed
Q192: A security engineer has noticed that VPC