ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 520 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 520
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company has several AWS Lambda functions written in Python. The functions are deployed with the .zip package deployment type. The functions use a Lambda layer that contains common libraries and packages in a .zip file. The Lambda .zip packages and Lambda layer .zip file are stored in an Amazon S3 bucket.

The company must implement automatic scanning of the Lambda functions and the Lambda layer to identify CVEs. A subset of the Lambda functions must receive automated code scans to detect potential data leaks and other vulnerabilities. The code scans must occur only for selected Lambda functions, not all the Lambda functions.

Which combination of actions will meet these requirements? (Choose three.)

  • A. Activate Amazon Inspector. Start automated CVE scans.
  • B. Activate Lambda standard scanning and Lambda code scanning in Amazon Inspector.
  • C. Enable Amazon GuardDuty. Enable the Lambda Protection feature in GuardDuty.
  • D. Enable scanning in the Monitor settings of the Lambda functions that need code scans.
  • E. Tag Lambda functions that do not need code scans. In the tag, include a key of InspectorCodeExclusion and a value of LambdaCodeScanning.
  • F. Use Amazon Inspector to scan the 3 bucket that contains the Lambda .zip packages and the Lambda layer .zip file for code scans.
Show Suggested Answer Hide Answer
Suggested Answer: ABE 🗳️
by vip2 at July 6, 2024, 6:52 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
vip2
Highly Voted 9 months, 3 weeks ago
Selected Answer: ABE
A, B and E Inspector for Lamda std scanning and code scanning Lambda Function with monitor setting to code scan Tag for conditional function, not for all functions
upvoted 5 times
...
JoeTromundo
Most Recent 6 months, 2 weeks ago
Selected Answer: ABE
A: Amazon Inspector can automatically scan your Lambda functions for known vulnerabilities (CVEs) in the dependencies of the functions. This action will initiate the security scanning of Lambda functions and Lambda layers to detect vulnerabilities. B: Amazon Inspector provides enhanced scanning features for Lambda functions. This includes both standard scanning (for CVEs in dependencies and layers) and code scanning (for potential vulnerabilities, like data leaks, directly in the code). E: https://docs.aws.amazon.com/lambda/latest/dg/governance-code-scanning.html#:~:text=To%20exclude%20a%20Lambda%20function,Value%3ALambdaStandardScanning. "To exclude a Lambda function from code scans, tag the function with the following key-value pair: Key:InspectorCodeExclusion Value:LambdaCodeScanning"
upvoted 2 times
...
kgpoj
7 months, 2 weeks ago
Selected Answer: ABE
A: Need to Activate Amazon Inspector first B: For **CVE**, need to use **Lambda standard scanning** B: For **data leaks**, need to use Lambda code scanning E: Tag Lambda functions that do not need code scans
upvoted 2 times
...
guruguru
7 months, 3 weeks ago
ABE, https://docs.aws.amazon.com/inspector/latest/user/scanning-lambda.html To exclude a Lambda function from Lambda standard scanning, tag the function with the following key-value pair: Key:InspectorExclusion Value:LambdaStandardScanning
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago