A company that uses ServiceNow has an flaws account where a sensitive workload runs. The necessary security groups are in place. The company needs to implement a solution to create an incident in ServiceNow every time the rules change in any security group. Which solution will meet this requirement with the LEAST operational effort? A. Create an Amazon CloudWatch alarm that enters ALARM state when security groups change. Configure the alarm to invoke an flaws Lambda function that connects to ServiceNow to create an incident. B. Enable flaws Security Hub. Create an flaws Lambda function that connects to ServiceNow to create an incident. Create an Amazon EventBridge rule to detect security group changes. Configure the event type as Security Hub Findings - Custom Action. Configure the EventBridge rule to invoke the Lambda function. C. Create an Amazon EventBridge rule to detect security group changes. Configure the event type as flaws API Call via CloudTrail. Configure the EventBridge rule to run the flaws-CreateServiceNowIncidentAWS Systems Manager Automation runbook to create an incident in ServiceNow. D. Launch an Amazon EC2 instance that has a persistent connection to ServiceNow to detect security group changes. Export flaws CloudTrail logs to the EC2 instance. Write a bash script to run a scheduled cron job every 30 minutes to search the CloudTrail logs for security groups changes. Configure the EC2 instance to create an incident in ServiceNow when a change is detected. Â Correct Answer: B This question is in SOA-C02 exam For getting AWS Certified SysOps Administrator - Associate
Please login or Register to submit your answer
