ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 180 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 180
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company wants to receive automated email notifications when AWS access keys from developer AWS accounts are detected on code repository sites.

Which solution will provide the required email notifications?

  • A. Create an Amazon EventBridge rule to send Amazon Simple Notification Service (Amazon SNS) email notifications for Amazon GuardDuty UnauthorizedAccess:IAMUser/lnstanceCredentialExfiltration.OutsideAWS findings.
  • B. Change the AWS account contact information for the Operations type to a separate email address. Periodically poll this email address for notifications.
  • C. Create an Amazon EventBridge rule that reacts to AWS Health events that have a value of Risk for the service category. Configure email notifications by using Amazon Simple Notification Service (Amazon SNS).
  • D. Implement new anomaly detection software. Ingest AWS CloudTrail logs. Configure monitoring for ConsoleLogin events in the AWS Management Console. Configure email notifications from the anomaly detection software.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by mikelord at Oct. 3, 2024, 1:47 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Wardove
1 week, 3 days ago
Selected Answer: C
The Answer is C, here is a similar solution: https://github.com/aws/aws-health-tools/blob/master/automated-actions/AWS_RISK_CREDENTIALS_EXPOSED/README.md Answer cannot be A because referenced finding type is exclusive to EC2 instance profiles, and is triggered only if instance session credentials are actually being used to authenticate as the instance. https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_finding-types-iam.html#unauthorizedaccess-iam-instancecredentialexfiltrationoutsideaws
upvoted 1 times
...
youonebe
4 weeks ago
Selected Answer: A
answer A, no doubt
upvoted 1 times
...
SCSC02Q
1 month, 1 week ago
Selected Answer: C
Its C, since Q asks for DETECTION, whereas A is only after the event, GuardDuty finding indicates compromised access has already happened.
upvoted 1 times
...
VPNalumni
3 months, 3 weeks ago
https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_finding-types-iam.html#unauthorizedaccess-iam-instancecredentialexfiltrationoutsideaws A
upvoted 1 times
...
mikelord
4 months ago
Selected Answer: A
Option A is the correct solution because it leverages Amazon GuardDuty to detect unauthorized use or exposure of AWS access keys and uses Amazon EventBridge along with Amazon SNS to provide automated email notifications, efficiently meeting the requirement with the least effort.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago