Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 49 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 49
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company discovers a billing anomaly in its AWS account. A security consultant investigates the anomaly and discovers that an employee who left the company 30 days ago still has access to the account. The company has not monitored account activity in the past.
The security consultant needs to determine which resources have been deployed or reconfigured by the employee as quickly as possible.
Which solution will meet these requirements?

  • A. In AWS Cost Explorer, filter chart data to display results from the past 30 days. Export the results to a data table. Group the data table by resource.
  • B. Use AWS Cost Anomaly Detection to create a cost monitor. Access the detection history. Set the time frame to Last 30 days. In the search area, choose the service category.
  • C. In AWS CloudTrail, filter the event history to display results from the past 30 days. Create an Amazon Athena table that contains the data. Partition the table by event source.
  • D. Use AWS Audit Manager to create an assessment for the past 30 days. Apply a usage-based framework to the assessment. Configure the assessment to assess by resource.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by 100fold at Oct. 18, 2023, 6:18 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
100fold
Highly Voted 11 months, 3 weeks ago
Selected Answer: C
Answer C. CloudTrail for as quickly as possible. Look up events related to the creation, modification, or deletion of resources in your AWS account. AWS Cost Anomaly Detection: For a new service subscription, 10 days of historical service usage data is needed before anomalies can be detected for that service. If you create a new monitor, it can take up to 24 hours to begin detecting new anomalies.
upvoted 9 times
...
FunkyFresco
Most Recent 1 month, 2 weeks ago
Selected Answer: C
Option C, cloud trail.
upvoted 1 times
...
Raphaello
7 months, 4 weeks ago
Selected Answer: C
To investigate a certain user and find what resources that IAM user created over past period, CloudTrail is the tool to use.
upvoted 1 times
...
awssecuritynewbie
8 months ago
Selected Answer: C
I think C is the best answer but Athena is over kill
upvoted 1 times
...
WeepingMaplte
9 months, 4 weeks ago
Think only Cloudtrail records down resources reconfigured by the employee.
upvoted 1 times
...
Daniel76
10 months ago
Selected Answer: C
The investigation was triggered by cost anomaly but that is not the only concern. The security engineer needs to find out what has been deployed as well as reconfigured, so AWS Cost explorer or Anomaly detection will not do the job. Only CloudTrail and Anthena will be the most effective method. Cost should have nothing to do with compliance so audit manager will not help.
upvoted 2 times
...
Ernestokoro
10 months, 3 weeks ago
Ans is B! Please see link below: https://docs.aws.amazon.com/cost-management/latest/userguide/getting-started-ad.html
upvoted 1 times
Aamee
10 months, 2 weeks ago
Don't think it can be B. See this comment above: "AWS Cost Anomaly Detection: For a new service subscription, 10 days of historical service usage data is needed before anomalies can be detected for that service. If you create a new monitor, it can take up to 24 hours to begin detecting new anomalies."
upvoted 2 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel