Amazon Web Services certsexpert aws Certified Specialty Scs-c01 Amazon Web Services Study Notes by Mimi q479 vce pdf

Page: 19 / 43

Exam Name:	AWS Certified Security - Specialty
Exam Code:	SCS-C01 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Specialty
Questions:	589 Q&A's	Shared By:	mimi

Question 76

During a recent security audit, it was discovered that multiple teams in a large organization have placed restricted data in multiple Amazon S3 buckets, and the data may have been exposed. The auditor has requested that the organization identify all possible objects that contain personally identifiable information (PII) and then determine whether this information has been accessed.

What solution will allow the Security team to complete this request?

Options:

Using Amazon Athena, query the impacted S3 buckets by using the PII query identifier function. Then, create a new Amazon CloudWatch metric for Amazon S3 object access to alert when the objects are accessed.

Enable Amazon Macie on the S3 buckets that were impacted, then perform data classification. For identified objects that contain PII, use the research function for auditing IAM CloudTrail logs and S3 bucket logs for GET operations.

Enable Amazon GuardDuty and enable the PII rule set on the S3 buckets that were impacted, then perform data classification. Using the PII findings report from GuardDuty, query the S3 bucket logs by using Athena for GET operations.

Enable Amazon Inspector on the S3 buckets that were impacted, then perform data classification. For identified objects that contain PII, query the S3 bucket logs by using Athena for GET operations.

Discussion

Question 77

A company has Windows Amazon EC2 instances in a VPC that are joined to on-premises Active Directory servers for domain services. The security team has enabled Amazon GuardDuty on the IAM account to alert on issues with the instances.

During a weekly audit of network traffic, the Security Engineer notices that one of the EC2 instances is attempting to communicate with a known command-and-control server but failing. This alert does not show up in GuardDuty.

Why did GuardDuty fail to alert to this behavior?

Options:

GuardDuty did not have the appropriate alerts activated.

GuardDuty does not see these DNS requests.

GuardDuty only monitors active network traffic flow for command-and-control activity.

GuardDuty does not report on command-and-control activity.

Discussion

Question 78

A company hosts a popular web application that connects to an Amazon RDS MySQL DB instance running in a private VPC subnet that was created with default ACL settings. The IT Security department has a suspicion that a DDos attack is coming from a suspecting IP. How can you protect the subnets from this attack?

Please select:

Options:

Change the Inbound Security Groups to deny access from the suspecting IP

Change the Outbound Security Groups to deny access from the suspecting IP

Change the Inbound NACL to deny access from the suspecting IP

Change the Outbound NACL to deny access from the suspecting IP

Discussion

Vienna

I highly recommend them. They are offering exact questions that we need to prepare our exam.

Jensen Oct 9, 2024

That's great. I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Rosalie

I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.

Maja Aug 30, 2024

That sounds great. I'll definitely check them out. Thanks for the suggestion!

Atlas

What are these Dumps? Would anybody please explain it to me.

Reign Aug 14, 2024

These are exam dumps for a variety of IT certifications. They have a vast collection of updated questions and answers, which are very helpful in preparing for the exams.

Lennox

Something Special that they provide a comprehensive overview of the exam content. They cover all the important topics and concepts, so you can be confident that you are well-prepared for the test.

Aiza Oct 25, 2024

That makes sense. What makes Cramkey Dumps different from other study materials?

Ella-Rose

Amazing website with excellent Dumps. I passed my exam and secured excellent marks!!!

Alisha Aug 17, 2024

Extremely accurate. They constantly update their materials with the latest exam questions and answers, so you can be confident that what you're studying is up-to-date.

Question 79

An application outputs logs to a text file. The logs must be continuously monitored for security incidents.

Which design will meet the requirements with MINIMUM effort?

Options:

Create a scheduled process to copy the component’s logs into Amazon S3. Use S3 events to trigger a Lambda function that updates Amazon CloudWatch metrics with the log data. Set up CloudWatch alerts based on the metrics.

Install and configure the Amazon CloudWatch Logs agent on the application’s EC2 instance. Create a CloudWatch metric filter to monitor the application logs. Set up CloudWatch alerts based on the metrics.

Create a scheduled process to copy the application log files to IAM CloudTrail. Use S3 events to trigger Lambda functions that update CloudWatch metrics with the log data. Set up CloudWatch alerts based on the metrics.

Create a file watcher that copies data to Amazon Kinesis when the application writes to the log file. Have Kinesis trigger a Lambda function to update Amazon CloudWatch metrics with the log data. Set up CloudWatch alerts based on the metrics.