Multiple Choice
A company experienced a breach of highly confidential personal information due to permissions issues on an Amazon S3 bucket. The Information Security team has tightened the bucket policy to restrict access. Additionally, to be better prepared for future attacks, these requirements must be met: Identify remote IP addresses that are accessing the bucket objects. Receive alerts when the security policy on the bucket is changed. Remediate the policy changes automatically. Which strategies should the Solutions Architect use?
A) Use Amazon CloudWatch Logs with CloudWatch filters to identify remote IP addresses. Use CloudWatch Events rules with AWS Lambda to automatically remediate S3 bucket policy changes. Use Amazon SES with CloudWatch Events rules for alerts.
B) Use Amazon Athena with S3 access logs to identify remote IP addresses. Use AWS Config rules with AWS Systems Manager Automation to automatically remediate S3 bucket policy changes. Use Amazon SNS with AWS Config rules for alerts.
C) Use S3 access logs with Amazon Elasticsearch Service and Kibana to identify remote IP addresses. Use an Amazon Inspector assessment template to automatically remediate S3 bucket policy changes. Use Amazon SNS for alerts.
D) Use Amazon Macie with an S3 bucket to identify access patterns and remote IP addresses. Use AWS Lambda with Macie to automatically remediate S3 bucket policy changes. Use Macie automatic alerting capabilities for alerts.
Correct Answer:
Verified
Correct Answer:
Verified
Q97: Your company is getting ready to do
Q98: A company's main intranet page has experienced
Q99: A read only news reporting site with
Q100: A user has created a VPC with
Q101: A company wants to refactor its retail
Q103: A Solutions Architect must migrate an existing
Q104: A Solutions Architect is responsible for redesigning
Q105: A security engineer determined that an existing
Q106: A company has more than 100 AWS
Q107: A company has an Amazon EC2 deployment