ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 262 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 262
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company needs to retain data that is stored in Amazon CloudWatch Logs log groups. The company must retain this data for 90 days. The company must receive notification in AWS Security Hub when log group retention is not compliant with this requirement.

Which solution will provide the appropriate notification?

  • A. Create a Security Hub custom action to assess the log group retention period.
  • B. Create a data protection policy in CloudWatch Logs to assess the log group retention period.
  • C. Create a Security Hub automation rule. Configure the automation rule to assess the log group retention period.
  • D. Use the AWS Config managed rule that assesses the log group retention period. Ensure that AWS Config integration is enabled in Security Hub.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by IPLogic at Dec. 5, 2024, 11 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
IPLogic
4 months, 3 weeks ago
Selected Answer: D
AWS Config Managed Rule: AWS Config provides a managed rule specifically for assessing the retention period of CloudWatch Logs log groups. This rule will automatically evaluate whether log groups comply with the specified retention period (in this case, 90 days). Integration with Security Hub: By enabling AWS Config integration with Security Hub, non-compliant configurations identified by AWS Config can trigger notifications in Security Hub. This ensures that any deviations from the retention policy are promptly reported.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago