ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 223 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 223
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company uses Amazon Elastic Container Registry (Amazon ECR) as the repository for its production applications. A security engineer must implement an automated solution to report any vulnerabilities that ECR enhanced scanning detects. The solution must provide notification of vulnerability findings in an instant message to the company’s Slack account

Which solution will meet these requirements with the MOST operational efficiency?

  • A. Activate Amazon Inspector scans for the ECR repository. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure an AWS Chatbot client for Slack that consumes the SNS topic. Create an Amazon EventBridge rule for Amazon Inspector findings. Specify the SNS topic as the target for the rule.
  • B. Activate Amazon Inspector scans for the ECR repository. Write a script to use AWS CLI commands to retrieve image scan findings from Amazon Inspector. Configure the script to send the findings to a Slack endpoint. Launch an Amazon EC2 instance to run the script.
  • C. Activate Amazon Inspector scans for the ECR repository. Create an AWS Step Functions state machine. Set a first step in the state machine to call the Amazon Inspector ListFindings API operation. Create an Amazon Simple Notification Service (Amazon SNS) topic with Slack as the target. Add a second step in the state machine to call the Amazon SNS Publish API operation.
  • D. Activate AWS Security Hub scans for the ECR repository. Create a custom action in Security Hub for findings. Define an Amazon EventBridge rule for the custom action. Configure the EventBridge rule to redirect the findings to a Slack channel.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by IPLogic at Dec. 5, 2024, 2:19 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
IPLogic
4 months, 3 weeks ago
Selected Answer: A
The most operationally efficient solution is A. Activate Amazon Inspector scans for the ECR repository. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure an AWS Chatbot client for Slack that consumes the SNS topic. Create an Amazon EventBridge rule for Amazon Inspector findings. Specify the SNS topic as the target for the rule.
upvoted 2 times
IPLogic
4 months, 3 weeks ago
Automated Workflow: This setup leverages Amazon Inspector for automated vulnerability scanning, Amazon SNS for messaging, AWS Chatbot for Slack integration, and Amazon EventBridge for event-driven automation. This combination ensures a seamless and automated workflow from detection to notification12. Real-Time Notifications: By using AWS Chatbot with SNS, you can send real-time notifications directly to Slack, ensuring that your team is immediately informed of any vulnerabilities detected1. Scalability and Maintenance: This solution is highly scalable and requires minimal maintenance compared to writing custom scripts or managing state machines. It leverages managed AWS services that are designed to work together efficiently
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago