Multiple Choice
A company uses AWS CodePipeline for its software builds. Company policy mandates that code must be deployed to the staging environment before it is deployed to the production environment. The company needs to implement monitoring and alerting to detect when a CodePipeline pipeline is used to deploy code to production without the code first being deployed to staging. What should a security engineer do to meet these requirements?
A) Enable Amazon GuardDuty to monitor AWS CloudTrail for CodePipeline. Configure findings through AWS Security Hub, and create a custom action in Security Hub to send to Amazon Simple Notification Service (Amazon SNS) .
B) Use the AWS Cloud Development Kit (AWS CDK) to model reference-architecture CodePipeline pipeline that deploys application code through the staging environment and then the production environment.
C) Turn on AWS Config recording. Use a custom AWS Config rule to examine each CodePipeline pipeline for compliance. Configure an Amazon Simple Notification Service (Amazon SNS) notification on any change that is not in compliance with the rule. Add the desired receiver of the notification as a subscriber to the SNS topic.
D) Use Amazon Inspector to conduct an assessment of the CodePipeline pipelines and send a notification upon the discovery of a pipeline that is not in compliance. Add the desired receiver of the notification as a subscriber to the Amazon Simple Notification Service (Amazon SNS) topic.
Correct Answer:
Verified
Correct Answer:
Verified
Q86: An audit determined that a company's Amazon
Q87: An organization wants to log all AWS
Q88: Example.com is hosted on Amazon EC2 instance
Q89: A company website runs on Amazon EC2
Q90: A company's Information Security team wants to
Q92: A company is running an application on
Q93: A company is designing the security architecture
Q94: A company needs its Amazon Elastic Block
Q95: A company became aware that one of
Q96: A Security Engineer has created an Amazon