Multiple Choice
A company uses federated access for its AWS environment. The company creates and manages IAM roles by using AWS CloudFormation from a CI/CD pipeline. All changes should be made to the IAM roles through the pipeline. The company's security team discovers that out-of-band changes are being made to the IAM roles. The security team needs a way to detect when these out-of-band changes occur. What should a DevOps engineer do to meet this requirement?
A) Use Amazon Inspector rules to detect and notify when an AWS CloudFormation stack has a configuration change.
B) Use AWS Trusted Advisor to detect and notify when an AWS CloudFormation stack has a configuration change.
C) Use AWS CloudTrail to detect and notify when an AWS CloudFormation stack detects a configuration change.
D) Use an AWS Config rule to detect and notify when AWS CloudFormation drift detection identifies a configuration change.
Correct Answer:
Verified
Correct Answer:
Verified
Q184: A DevOps engineer has been tasked with
Q185: A company has 100 GB of log
Q186: A company runs a database on a
Q187: A company runs a three-tier web application
Q188: An Amazon EC2 instance with no internet
Q190: A company has an application deployed using
Q191: Your mobile application includes a photo-sharing service
Q192: If Erin has three clusters of server
Q193: You are running a Docker daemon on
Q194: A company has a website in an