Multiple Choice
After a data leakage incident that led to thousands of stolen user profiles, a compliance officer is demanding automatic, auditable security policy checks for all of the company's data stores, starting with public access of Amazon S3 buckets. Which solution will accomplish this with the LEAST amount of effort?
A) Create a custom rule in AWS Config triggered by an S3 bucket configuration change that detects when the bucket policy or bucket ACL allows public read access. Use a remediation action to trigger an AWS Lambda function that automatically disables public access.
B) Create a custom rule in AWS Config triggered by an S3 bucket configuration change that detects when the bucket policy or bucket ACL allows public read access. Trigger an AWS Lambda function that automatically disables public access.
C) Use a managed rule in AWS Config triggered by an S3 bucket configuration change that detects when the bucket policy or bucket ACL allows public read access. Configure a remediation action that automatically disables public access.
D) Use a managed rule in AWS Config triggered by an S3 bucket configuration change that detects when the bucket policy or bucket ACL allows public read access. Configure an AWS Lambda function that automatically disables public access.
Correct Answer:
Verified
Correct Answer:
Verified
Q246: An ecommerce company is running an application
Q247: A company has a mission-critical application on
Q248: Your company has developed a web application
Q249: You are responsible for your company's large
Q250: What is the proper (best practice) way
Q252: Which of these is not a Pseudo
Q253: A company has a web application that
Q254: A company is running a number of
Q255: The management team at a company with
Q256: Which of the following is NOT an