Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 167 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 167
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A security engineer must Implement monitoring of a company's Amazon Aurora MySQL DB instances. The company wants to receive email notifications when unknown users try to log in to the database endpoint.

Which solution will meet these requirements with the LEAST operational overhead?

  • A. Enable Amazon GuardDuty. Enable the Amazon RDS Protection feature in GuardDuty to detect login attempts by unknown users. Create an Amazon EventBridge rule to filter GuardDuty findings. Send email notifications by using Amazon Simple Notification Service (Amazon SNS).
  • B. Enable the server_audit_logglng parameter on the Aurora MySQL DB instances. Use AWS Lambda to periodically scan the delivered log files for login attempts by unknown users. Send email notifications by using Amazon Simple Notification Service (Amazon SNS).
  • C. Create an Amazon RDS Custom AMI. Include a third-party security agent in the AMI to detect login attempts by unknown users. Deploy RDS Custom DB instances. Migrate data from the existing installation to the RDS Custom DB instances. Configure email notifications from the third-party agent.
  • D. Write a stored procedure to detect login attempts by unknown users. Schedule a recurring job inside the database engine. Configure Aurora MySQL to use Amazon Simple Notification Service (Amazon SNS) to send email notifications.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by grekh001 at May 31, 2024, 8:12 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
grekh001
Highly Voted 3 months, 3 weeks ago
A. https://docs.aws.amazon.com/guardduty/latest/ug/rds-protection.html
upvoted 6 times
...
Davidng88
Most Recent 1 week, 2 days ago
Selected Answer: A
A has least operational overheads compared to B (write and maintain Lambda), C (customized AMI, 3rd party software agents) and D (write and maintain stored procedure).
upvoted 1 times
...
heatblur
1 month, 1 week ago
Selected Answer: A
A is correct....a Lambda function to periodically scan the logs is not ideal.
upvoted 1 times
...
HunkyBunky
1 month, 3 weeks ago
Selected Answer: A
I guess that A - fits better in that scenario
upvoted 1 times
...
adit
2 months, 2 weeks ago
Selected Answer: B
B right answer
upvoted 1 times
adit
2 months, 2 weeks ago
A right answer
upvoted 2 times
...
...
sema2232
3 months, 1 week ago
B right answer
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel