exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 33 discussion

A company has a single AWS account and uses an Amazon EC2 instance to test application code. The company recently discovered that the instance was compromised. The instance was serving up malware. The analysis of the instance showed that the instance was compromised 35 days ago.
A security engineer must implement a continuous monitoring solution that automatically notifies the company's security team about compromised instances through an email distribution list for high severity findings. The security engineer must implement the solution as soon as possible.
Which combination of steps should the security engineer take to meet these requirements? (Choose three.)

  • A. Enable AWS Security Hub in the AWS account.
  • B. Enable Amazon GuardDuty in the AWS account.
  • C. Create an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the security team's email distribution list to the topic.
  • D. Create an Amazon Simple Queue Service (Amazon SQS) queue. Subscribe the security team's email distribution list to the queue.
  • E. Create an Amazon EventBridge rule for GuardDuty findings of high severity. Configure the rule to publish a message to the topic.
  • F. Create an Amazon EventBridge rule for Security Hub findings of high severity. Configure the rule to publish a message to the queue.
Show Suggested Answer Hide Answer
Suggested Answer: BCE 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
100fold
Highly Voted 1 year, 1 month ago
Selected Answer: BCE
Answer BCE
upvoted 6 times
...
WeepingMaplte
Highly Voted 11 months, 4 weeks ago
AWS Security Hub does not have any scanning capabilities. It provides you with a comprehensive view of your security state only.
upvoted 5 times
...
FunkyFresco
Most Recent 3 months, 2 weeks ago
Selected Answer: BCE
BCE are the right options.
upvoted 1 times
...
Ved_1142
5 months, 3 weeks ago
BCE its GuardDuty -- for monitoring SNS- to Notify GuardDuty in EventBridge as Rule as mentioned in Question.
upvoted 1 times
...
Raphaello
9 months, 2 weeks ago
Selected Answer: BCE
BCE..obviously. GuardDuty + EventBridge + SNS
upvoted 1 times
...
Daniel76
1 year ago
Selected Answer: BCE
GuardDuty, Eventbridge, SNS topics
upvoted 2 times
...
Daniel76
1 year ago
Selected Answer: BCE
https://repost.aws/knowledge-center/guardduty-eventbridge-sns-rule
upvoted 3 times
...
Aamee
1 year ago
Selected Answer: BCE
BCE options look most relevant.
upvoted 1 times
...
pupsik
1 year, 1 month ago
Selected Answer: BCE
BCE it is.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...