ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 216 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 216
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A security engineer is designing an incident response plan to address the risk of a compromised Amazon EC2 instance. The plan must recommend a solution to meet the following requirements:
✑ A trusted forensic environment must be provisioned.
✑ Automated response processes must be orchestrated.
Which AWS services should be included in the plan? (Choose two.)

  • A. AWS CloudFormation
  • B. Amazon GuardDuty
  • C. Amazon Inspector
  • D. Amazon Macie
  • E. AWS Step Functions
Show Suggested Answer Hide Answer
Suggested Answer: AE 🗳️
by viestner at March 16, 2021, 3:13 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
viestner
Highly Voted 3 years, 6 months ago
AE . Step functions : https://aws.amazon.com/blogs/compute/orchestrating-a-security-incident-response-with-aws-step-functions/
upvoted 23 times
...
QBB
Highly Voted 2 years, 7 months ago
Selected Answer: AE
key words: environment must be provisioned = A Cloudformation Key words: processes must be orchestrated = E Step functions
upvoted 8 times
...
Raphaello
Most Recent 1 year, 1 month ago
Selected Answer: AE
Looking to design "incident RESPONSE plan", with 2 requirements: PROVISIONING of forensic env, and ORCHESTRATED response process. I'd argue GuardDuty is required for threat detection and continuous monitoring, but not in response. Therefore I'd go with CloudFormation (provisioning) and Step Functions (orchestration).
upvoted 1 times
...
pal40sg
1 year, 10 months ago
Selected Answer: AE
A - environment provision E - Automated response process & orchestrator
upvoted 1 times
...
ITGURU51
1 year, 11 months ago
We can use Cloudformation to provision a trusted environment. AWS Step Functions to automate incident response procedures.
upvoted 1 times
...
boooliyooo
2 years, 2 months ago
Selected Answer: AE
AE looks good since it did not mention how to 'detect' the anomaly
upvoted 1 times
...
jackfei
2 years, 9 months ago
✑ Automated response processes must be orchestrated via AWS Step Functions , so answer is AE
upvoted 1 times
...
kiev
3 years, 5 months ago
AE for me as well. Cloudformation for trusted and automation is step function.
upvoted 2 times
...
skipbaylessfor3
3 years, 5 months ago
hmm, the title of this blog seems very similar to what the question is asking... https://aws.amazon.com/blogs/security/how-to-automate-incident-response-in-aws-cloud-for-ec2-instances/ but then you read through it and it doesn't use GuardDuty, Inspector, Macie, Step Functions anywhere... Only the using of Cloudformation is certain, so I'm sure A is correct at least
upvoted 2 times
...
skipbaylessfor3
3 years, 5 months ago
I don't really like this question, it seems a bit vague, and because of the vagueness, seems like it could be a trick question. That being said, I suppose I'd reluctantly agree with A and E, for reasons similar to what others answers have said
upvoted 4 times
...
sanjaym
3 years, 5 months ago
Answer: AE. Very tricky question. My response is based on wording in question. A trusted forensic environment must be provisioned. ==>Cloud formation for environment provisioning. Automated response processes must be orchestrated. ==>Step function for orchestration.
upvoted 4 times
...
weurseuk
3 years, 5 months ago
AE : A cloudformation to create your Ec2 / E step fct for automatisation : 'You can use Step Functions to easily automate recurring tasks) Not Guardduty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3. Not Inspector : gives findings on Securities on Ec2 Macie : personal Infos
upvoted 4 times
...
[Removed]
3 years, 6 months ago
more details: https://bhconsulting.ie/aws-incident-response/
upvoted 2 times
...
[Removed]
3 years, 6 months ago
A to provision the environment
upvoted 2 times
...
Hudda
3 years, 6 months ago
how AWS CloudFormation help for forensic Cldy? can you provide source please ?
upvoted 2 times
cldy
3 years, 6 months ago
CF is best practice for quick and consistent provisioning in case of an incident.
upvoted 2 times
...
...
cldy
3 years, 6 months ago
A. for forensic E. - for automated response
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago