Multiple Choice
A company's security information events management (SIEM) tool receives new AWS CloudTrail logs from an Amazon S3 bucket that is configured to send all object created event notifications to an Amazon SNS topic. An Amazon SQS queue is subscribed to this SNS topic. The company's SIEM tool then polls this SQS queue for new messages using an IAM role and fetches new log events from the S3 bucket based on the SQS messages. After a recent security review that resulted in restricted permissions, the SIEM tool has stopped receiving new CloudTrail logs. Which of the following are possible causes of this issue? (Choose three.)
A) The SQS queue does not allow the SQS:SendMessage action from the SNS topic.
B) The SNS topic does not allow the SNS:Publish action from Amazon S3.
C) The SNS topic is not delivering raw messages to the SQS queue.
D) The S3 bucket policy does not allow CloudTrail to perform the PutObject action.
E) The IAM role used by the SIEM tool does not have permission to subscribe to the SNS topic.
F) The IAM role used by the SIEM tool does not allow the SQS:DeleteMessage action.
Correct Answer:
Verified
Correct Answer:
Verified
Q211: A Development team has built an experimental
Q212: An application has been written that publishes
Q213: A company is using AWS Organizations to
Q214: A company has complex connectivity rules governing
Q215: An Amazon S3 bucket is encrypted using
Q217: A distributed web application is installed across
Q218: The Security Engineer implemented a new vault
Q219: A company has Windows Amazon EC2 instances
Q220: The Security Engineer created a new AWS
Q221: A company needs to encrypt all of