Multiple Choice
The Security team has decided that there will be no public internet access to HTTP (TCP port 80) because if it is moving to HTTPS for all incoming web traffic. The team has asked a SysOps Administrator to provide a report on any security groups that are not compliant. What should the SysOps Administrator do to provide near real-time compliance reporting?
A) Enable AWS Trusted Advisor and show the Security team that the Security Groups unrestricted access check will alarm.
B) Schedule an AWS Lambda function to run hourly to scan and evaluate all security groups, and send a report to the Security team.
C) Use AWS Config to enable the restricted-common-ports rule, and add port 80 to the parameters.
D) Use Amazon Inspector to evaluate the security groups during scans, and send the completed reports to the Security team.
Correct Answer:
Verified
Correct Answer:
Verified
Q393: A company's application stores documents within an
Q394: What are the benefits of CloudTrail integration
Q395: A company wants to ensure that each
Q396: A sys admin has enabled logging on
Q397: An organization has configured a VPC with
Q399: A company is operating a multi-account environment
Q400: A company's finance department wants to receive
Q401: A user has setup an EBS backed
Q402: What is the minimum duration when setting
Q403: An application is currently deployed on several