ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 230 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 230
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A security engineer needs to implement a solution to identify any sensitive data that is stored in an Amazon S3 bucket. The solution must report on sensitive data in the S3 bucket by using an existing Amazon Simple Notification Service (Amazon SNS) topic.

Which solution will meet these requirements with the LEAST implementation effort?

  • A. Enable AWS Config. Configure AWS Config to monitor for sensitive data in the S3 bucket and to send notifications to the SNS topic.
  • B. Create an AWS Lambda function to scan the S3 bucket for sensitive data that matches a pattern. Program the Lambda function to send notifications to the SNS topic.
  • C. Configure Amazon Macie to use managed data identifiers to identify and categorize sensitive data. Create an Amazon EventBridge rule to send notifications to the SNS topic.
  • D. Enable Amazon GuardDuty. Configure AWS CloudTrail S3 data events. Create an Amazon CloudWatch alarm that reacts to GuardDuty findings and sends notifications to the SNS topic.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by debarshi at Nov. 18, 2024, 6:25 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AWSLoverLoverLoverLoverLover
2 months ago
Selected Answer: C
The correct answer is C. Amazon Macie is designed specifically for automated discovery and classification of sensitive data in Amazon S3 using managed data identifiers. It can identify PII, financial data, and credentials with minimal setup. Macie findings can be integrated with Amazon EventBridge, which can send alerts to an SNS topic for notifications. This option requires the least implementation effort because: ✅ Macie is a fully managed service – No custom scripting or manual configuration needed. ✅ Uses built-in managed data identifiers – No need to define custom regex patterns. ✅ Seamless EventBridge integration – Automatically triggers notifications. ✅ Scales automatically across S3 buckets and objects.
upvoted 1 times
...
debarshi
5 months, 1 week ago
C is the correct answer.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago