ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 878 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 878
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company creates dedicated AWS accounts in AWS Organizations for its business units. Recently, an important notification was sent to the root user email address of a business unit account instead of the assigned account owner. The company wants to ensure that all future notifications can be sent to different employees based on the notification categories of billing, operations, or security.

Which solution will meet these requirements MOST securely?

  • A. Configure each AWS account to use a single email address that the company manages. Ensure that all account owners can access the email account to receive notifications. Configure alternate contacts for each AWS account with corresponding distribution lists for the billing team, the security team, and the operations team for each business unit.
  • B. Configure each AWS account to use a different email distribution list for each business unit that the company manages. Configure each distribution list with administrator email addresses that can respond to alerts. Configure alternate contacts for each AWS account with corresponding distribution lists for the billing team, the security team, and the operations team for each business unit.
  • C. Configure each AWS account root user email address to be the individual company managed email address of one person from each business unit. Configure alternate contacts for each AWS account with corresponding distribution lists for the billing team, the security team, and the operations team for each business unit.
  • D. Configure each AWS account root user to use email aliases that go to a centralized mailbox. Configure alternate contacts for each account by using a single business managed email distribution list each for the billing team, the security team, and the operations team.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by d401c0d at April 29, 2024, 7:55 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Linuslin
Highly Voted 11 months, 1 week ago
Selected Answer: D
D is correct answer. Configuring each AWS account's root user to use email aliases that go to a centralized mailbox ensures that sensitive notifications are not directly sent to individual email addresses. Instead, they are directed to a centralized mailbox, reducing the risk of unauthorized access to sensitive information. Additionally, configuring alternate contacts for each account using a single business-managed email distribution list for the billing team, the security team, and the operations team ensures that notifications are appropriately routed to the respective teams based on the categories of billing, operations, or security. This approach centralizes control and reduces the likelihood of misconfiguration or unauthorized access to sensitive notifications.
upvoted 11 times
Linuslin
11 months, 1 week ago
Option A doesn't provide the same level of security because it relies on a single email address managed by the company, which could be compromised, and it requires all account owners to access this email account, potentially leading to access control issues. Option B presents a similar issue as Option A, as it relies on different email distribution lists but still requires administrator email addresses that may be vulnerable to compromise. Option C also has security concerns because it associates the root user email address with individual employees, which may not be ideal for security and access control purposes. So, Option D is the most secure solution for ensuring that future notifications can be sent to different employees based on the notification categories of billing, operations, or security.
upvoted 9 times
...
...
d401c0d
Highly Voted 12 months ago
Selected Answer: A
Question mentions the email was sent to a business unit account instead of an account owner. Thus, A mentions all account owners to have access to email account.
upvoted 5 times
...
GOTJ
Most Recent 1 month, 2 weeks ago
Selected Answer: B
Option B is correct, according to AWS Prescriptive Guidance (see link below): When setting up primary and alternate contacts for your AWS account, use an email distribution list instead of an individual’s email address. Using an email distribution list makes sure that ownership and reachability are preserved as individuals in your organization come and go. Set alternate contacts for billing, operations, and security notifications, and use appropriate email distribution lists accordingly. AWS uses these email addresses to contact you, so it is important you retain access to them. https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/acct-01.html
upvoted 2 times
...
bujuman
5 months, 1 week ago
Selected Answer: D
The most secure way should use "Update the alternate contacts for any AWS account in your organization" https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-contact-alternate.html
upvoted 3 times
...
MrIndia2022
5 months, 2 weeks ago
question- option D uses a single distribution list for all business units vs Option B which uses separate, independent distribution lists for each business unit. This involves more segregation of emails and hence is more secure. I am confused between option B and d. Pl help
upvoted 1 times
...
MatAlves
7 months ago
Selected Answer: D
Both B and D use Distribution Lists as part of the of the solution: B - "configure each DL with administrator email addresses that can respond to alerts" D - "configure alternate contacts for each account by using single business managed DL each" per team. I confess the wording isn't amazing, but between B and D, the latter is the one that properly addresses the issue involving root user email address.
upvoted 3 times
...
jadeconstancy
10 months, 1 week ago
Selected Answer: D
correct answer is D
upvoted 4 times
...
sheilawu
10 months, 3 weeks ago
Selected Answer: A
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_update_primary_email.html
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago