Multiple Choice
A company experienced a breach of highly confidential personal information due to permission issues on an Amazon S3 bucket. The Information Security team has tightened the bucket policy to restrict access. Additionally, to be better prepared for future attacks, these requirements must be met: Identify remote IP addresses that are accessing the bucket objects. Receive alerts when the security policy on the bucket is changed. Remediate the policy changes automatically. Which strategies should the Solutions Architect use?
A) Use Amazon CloudWatch Logs with CloudWatch filters to identify remote IP addresses. Use CloudWatch Events rules with AWS Lambda to automatically remediate S3 bucket policy changes. Use Amazon SES with CloudWatch Events rules for alerts.
B) Use Amazon Athena with S3 access logs to identify remote IP addresses. Use AWS Config rules with AWS Systems Manager Automation to automatically remediate S3 bucket policy changes. Use Amazon SNS with AWS Config rules for alerts.
C) Use S3 access logs with Amazon Elasticsearch Service and Kibana to identify remote IP addresses. Use an Amazon Inspector assessment template to automatically remediate S3 bucket policy changes. Use Amazon SNS for alerts.
D) Use Amazon Macie with an S3 bucket to identify access patterns and remote IP addresses. Use AWS Lambda with Macie to automatically remediate S3 bucket policy changes. Use Macie automatic alerting capabilities for alerts.
Correct Answer:
Verified
Correct Answer:
Verified
Q177: With respect to AWS Lambda permissions model,
Q178: A company wants to analyze log data
Q179: A bank is designing an online customer
Q180: A company has a website that enables
Q181: A company has developed a new billing
Q183: An organization is purchasing licensed software. The
Q184: A Solutions Architect has created an AWS
Q185: A company must deploy multiple independent instances
Q186: A solutions architect at a large company
Q187: The AWS IT infrastructure that AWS provides,