ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 33 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 33
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company has a single AWS account and uses an Amazon EC2 instance to test application code. The company recently discovered that the instance was compromised. The instance was serving up malware. The analysis of the instance showed that the instance was compromised 35 days ago.
A security engineer must implement a continuous monitoring solution that automatically notifies the company's security team about compromised instances through an email distribution list for high severity findings. The security engineer must implement the solution as soon as possible.
Which combination of steps should the security engineer take to meet these requirements? (Choose three.)

  • A. Enable AWS Security Hub in the AWS account.
  • B. Enable Amazon GuardDuty in the AWS account.
  • C. Create an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the security team's email distribution list to the topic.
  • D. Create an Amazon Simple Queue Service (Amazon SQS) queue. Subscribe the security team's email distribution list to the queue.
  • E. Create an Amazon EventBridge rule for GuardDuty findings of high severity. Configure the rule to publish a message to the topic.
  • F. Create an Amazon EventBridge rule for Security Hub findings of high severity. Configure the rule to publish a message to the queue.
Show Suggested Answer Hide Answer
Suggested Answer: BCE 🗳️
by AgboolaKun at Oct. 18, 2023, 10:52 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
100fold
Highly Voted 1 year, 4 months ago
Selected Answer: BCE
Answer BCE
upvoted 6 times
...
WeepingMaplte
Highly Voted 1 year, 2 months ago
AWS Security Hub does not have any scanning capabilities. It provides you with a comprehensive view of your security state only.
upvoted 5 times
...
FunkyFresco
Most Recent 6 months, 2 weeks ago
Selected Answer: BCE
BCE are the right options.
upvoted 1 times
...
Ved_1142
8 months, 3 weeks ago
BCE its GuardDuty -- for monitoring SNS- to Notify GuardDuty in EventBridge as Rule as mentioned in Question.
upvoted 1 times
...
Raphaello
1 year ago
Selected Answer: BCE
BCE..obviously. GuardDuty + EventBridge + SNS
upvoted 1 times
...
Daniel76
1 year, 3 months ago
Selected Answer: BCE
GuardDuty, Eventbridge, SNS topics
upvoted 2 times
...
Daniel76
1 year, 3 months ago
Selected Answer: BCE
https://repost.aws/knowledge-center/guardduty-eventbridge-sns-rule
upvoted 3 times
...
Aamee
1 year, 3 months ago
Selected Answer: BCE
BCE options look most relevant.
upvoted 1 times
...
pupsik
1 year, 4 months ago
Selected Answer: BCE
BCE it is.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago