Multiple Choice
A large company wants its Compliance team to audit its Amazon S3 buckets to identify if personally identifiable information (PII) is stored in them. The company has hundreds of S3 buckets and has asked the Security Engineers to scan every bucket. How can this task be accomplished?
A) Configure Amazon CloudWatch Events to trigger Amazon Inspector to scan the S3 buckets daily for PII. Configure Amazon Inspector to publish Amazon SNS notifications to the Compliance team if PII is detected.
B) Configure Amazon Macie to classify data in the S3 buckets and check the dashboard for PII findings. Configure Amazon CloudWatch Events to capture Macie alerts and target an Amazon SNS topic to be notified if PII is detected.
C) Check the AWS Trusted Advisor data loss prevention page in the AWS Management Console. Download the Amazon S3 data confidentiality report and send it to the Compliance team. Configure Amazon CloudWatch Events to capture Trusted Advisor alerts and target an Amazon SNS topic to be notified if PII is detected.
D) Enable Amazon GuardDuty in multiple Regions to scan the S3 buckets. Configure Amazon CloudWatch Events to capture GuardDuty alerts and target an Amazon SNS topic to be notified if PII is detected.
Correct Answer:
Verified
Correct Answer:
Verified
Q230: A security engineer must develop an encryption
Q231: An application uses Amazon Cognito to manage
Q232: A company is collecting AWS CloudTrail log
Q233: An application has been built with Amazon
Q234: A Developer signed in to a new
Q236: A company has decided to migrate sensitive
Q237: A company's Developers plan to migrate their
Q238: A Security Engineer has been asked to
Q239: A company stores images for a website
Q240: A company has decided to use encryption