Multiple Choice
The Security team has decided that there will be no public internet access to HTTP (TCP port 80) because it is moving to HTTPS for all incoming web traffic. The team has asked a SysOps Administrator to provide a report on any security groups that are not compliant. What should the SysOps Administrator do to provide near real-time compliance reporting?
A) Enable AWS Trusted Advisor and show the Security team that the Security Groups unrestricted access check will alarm.
B) Schedule an AWS Lambda function to run hourly to scan and evaluate all security groups, and send a report to the Security team.
C) Use AWS Config to enable the restricted-common-ports rule, and add port 80 to the parameters.
D) Use Amazon Inspector to evaluate the security groups during scans, and send the completed reports to the Security team.
Correct Answer:
Verified
Correct Answer:
Verified
Q953: _ is a fast, reliable, scalable, fully
Q954: When preparing for a compliance assessment of
Q955: A user has launched an EC2 Windows
Q956: A user is trying to launch an
Q957: Developers are using IAM access keys to
Q959: The _ IAM policy element describes the
Q960: A company uses federation to authenticate users
Q961: When attached to an Amazon VPC, which
Q962: Can you use the AWS Identity and
Q963: _ is a task coordination and state