A company is using an organization in AWS Organizations that contains 100 accounts. The company has configured trusted access for Amazon GuardDuty to AWS Organizations within the management account. The company has designated a member account to be the GuardDuty administrator for the organization. GuardDuty is working properly and reports findings for the organization in the GuardDuty console. The company wants a SecOps team to receive real-time email alerts from…

Category: SCS-C01
Admin Staff asked 3 months ago
A company is using an organization in AWS Organizations that contains 100 accounts. The company has configured trusted access for Amazon GuardDuty to AWS Organizations within the management account. The company has designated a member account to be the GuardDuty administrator for the organization.
GuardDuty is working properly and reports findings for the organization in the GuardDuty console. The company wants a SecOps team to receive real-time email alerts from any GuardDuty finding within the organization that is high severity according to the GuardDuty severity levels.
Which solution will meet these requirements?

A. In the management account, create a rule in Amazon EventBridge that will react to a GuardDuty finding that has a high severity level. Configure the rule to notify an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SecOps team's email addresses to the SNS topic.

B. Configure trusted access for AWS Config within the organization. Create a rule in AWS Config to monitor for any non-archived findings in GuardDuty. Create a rule in Amazon EventBridge that will react if AWS Config detects a compliance change for the AWS Config rule. Configure the EventBridge rule to target an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SecOps team's email addresses to the SNS topic.

C. In the GuardDuty delegated administrator account, configure a rule in Amazon EventBridge that will react to a GuardDuty finding that has a high severity level. Configure the rule to notify an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SecOps team's email addresses to the SNS topic.

D. Configure AWS CloudTrail for the organization in the management account. Create a rule in Amazon EventBridge that will run on a ListFindings API call. Configure the rule to notify an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SecOps team's email addresses to the SNS topic.








 

Suggested Answer: C

Community Answer: C
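The rule described in option C, as an added example that is not part of the original page: an EventBridge event pattern for GuardDuty findings in the High range (7.0 to 8.9), a small local matcher to check it against constructed sample events, and the boto3 calls that would create the rule in the delegated administrator account. The rule name, target Id and `topic_arn` parameter are assumptions, and `matches` only approximates EventBridge matching for the pattern features used here.

```python
import json

# GuardDuty documents High severity as 7.0-8.9; the rule matches that range.
HIGH_SEVERITY_PATTERN = {
    "source": ["aws.guardduty"],
    "detail-type": ["GuardDuty Finding"],
    "detail": {"severity": [{"numeric": [">=", 7, "<", 9]}]},
}

_OPS = {">=": lambda a, b: a >= b, "<": lambda a, b: a < b,
        ">": lambda a, b: a > b, "<=": lambda a, b: a <= b,
        "=": lambda a, b: a == b}

def _numeric_ok(value, spec):
    """Evaluate an EventBridge-style numeric filter: [op, n, op, n, ...]."""
    if isinstance(value, bool) or not isinstance(value, (int, float)):
        return False
    return all(_OPS[op](value, bound) for op, bound in zip(spec[::2], spec[1::2]))

def matches(pattern, event):
    """Local approximation of EventBridge matching, for the subset used here."""
    for key, want in pattern.items():
        got = event.get(key)
        if isinstance(want, dict):  # nested object such as "detail"
            if not isinstance(got, dict) or not matches(want, got):
                return False
        elif not any(
            _numeric_ok(got, w["numeric"]) if isinstance(w, dict) else got == w
            for w in want
        ):
            return False
    return True

def deploy(topic_arn, rule_name="guardduty-high-severity"):
    """Create the rule; run with delegated administrator account credentials."""
    import boto3  # imported lazily so the matcher can be exercised offline
    events = boto3.client("events")
    events.put_rule(Name=rule_name, State="ENABLED",
                    EventPattern=json.dumps(HIGH_SEVERITY_PATTERN))
    events.put_targets(Rule=rule_name,
                       Targets=[{"Id": "secops-sns", "Arn": topic_arn}])

def sample(member_account, severity):
    """Constructed finding event; real events carry many more fields."""
    return {"source": "aws.guardduty", "detail-type": "GuardDuty Finding",
            "detail": {"accountId": member_account, "severity": severity}}
```

The SNS topic's access policy must allow `events.amazonaws.com` to publish, otherwise the rule matches but no email is sent. GuardDuty and EventBridge are regional, so the rule has to exist in each Region where findings are aggregated.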




This question is in SCS-C01 AWS Certified Security – Specialty Exam