Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 104 discussion

Use Amazon Macie to run a job on the S3 buckets that contain the affected data. Filter the findings by using the SensitiveData:S3Object/Financial finding type. Option A and D suggest using Amazon Athena, which is an interactive query service that can be used to analyze data stored in S3 using standard SQL queries. While Athena can help identify data in S3 buckets, it does not provide the same level of automated scanning and pattern matching that Amazon Macie does. Option C is incorrect because the SensitiveData:S3Object/Personal finding type is designed to identify personally identifiable information (PII), such as names and addresses, but not credit card information.

Macie is a fully managed data security and privacy service that uses machine learning and pattern matching to discover and protect sensitive data stored in Amazon S3. C) Eliminated - SensitiveData:S3Object/Personal finding type is irrelevant because credit card information is not classified as "personal" in this context but as "financial." A/D) Eliminated - Athena does not support sensitive data detection

The Ans is B because the credit card is a sensitive Data and also it is a financial Data

B is the correct answer.

SensitiveData:S3Object/Financial only works with Macie?? so how can it be D?

B. Use Amazon Macie to run a job on the S3 buckets that contain the affected data. Filter the findings by using the SensitiveData:S3Object/Financial finding type: Amazon Macie is a security service that uses machine learning and pattern matching to discover and protect sensitive data in AWS. Macie is designed to identify various types of sensitive data, including financial data, which would cover credit card information. This option is suitable for the requirement as it leverages Macie's capability to specifically identify and report on exposures of sensitive financial data.

https://docs.aws.amazon.com/macie/latest/user/findings-types.html

https://docs.aws.amazon.com/zh_tw/macie/latest/user/findings-types.html

The best solution to identify all potential exposures within the application environment after receiving an alert that customer credit card information might have been exposed in a data table on one of the company's public applications is to use Amazon Macie. Amazon Macie is a fully managed data security and privacy service that uses machine learning and pattern matching to discover and protect sensitive data in AWS.