Amazon Web Services exams4sure complete Scs-c01 Materials by Rayna q53 vce pdf

Page: 15 / 43

Exam Name:	AWS Certified Security - Specialty
Exam Code:	SCS-C01 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Specialty
Questions:	589 Q&A's	Shared By:	rayna

Question 60

A pharmaceutical company has digitized versions of historical prescriptions stored on premises. The company would like to move these prescriptions to IAM and perform analytics on the data in them. Any operation with this data requires that the data be encrypted in transit and at rest.

Which application flow would meet the data protection requirements on IAM?

Options:

Digitized files -> Amazon Kinesis Data Analytics

Digitized files -> Amazon Kinesis Data Firehose -> Amazon S3 -> Amazon Athena

Digitized files -> Amazon Kinesis Data Streams -> Kinesis Client Library consumer -> Amazon S3 -> Athena

Digitized files -> Amazon Kinesis Data Firehose -> Amazon Elasticsearch

Discussion

Question 61

A company’s security policy requires that VPC Flow Logs are enabled on all VPCs. A Security Engineer is looking to automate the process of auditing the VPC resources for compliance.

What combination of actions should the Engineer take? (Choose two.)

Options:

Create an IAM Lambda function that determines whether Flow Logs are enabled for a given VPC.

Create an IAM Config configuration item for each VPC in the company IAM account.

Create an IAM Config managed rule with a resource type of IAM:: Lambda:: Function.

Create an Amazon CloudWatch Event rule that triggers on events emitted by IAM Config.

Create an IAM Config custom rule, and associate it with an IAM Lambda function that contains the evaluating logic.

Discussion

Atlas

What are these Dumps? Would anybody please explain it to me.

Reign Aug 14, 2024

These are exam dumps for a variety of IT certifications. They have a vast collection of updated questions and answers, which are very helpful in preparing for the exams.

Robin

Cramkey is highly recommended.

Jonah Oct 16, 2024

Definitely. If you're looking for a reliable and effective study resource, look no further than Cramkey Dumps. They're simply wonderful!

Hendrix

Great website with Great Exam Dumps. Just passed my exam today.

Luka Aug 31, 2024

Absolutely. Cramkey Dumps only provides the latest and most updated exam questions and answers.

Nadia

Why these dumps are important? Can I pass my exam without these dumps?

Julian Oct 22, 2024

The questions in the Cramkey dumps are explained in detail and there are also study notes and reference materials provided. This made it easier for me to understand the concepts and retain the information better.

Question 62

A Systems Engineer has been tasked with configuring outbound mail through Simple Email Service (SES) and requires compliance with current TLS standards.

The mail application should be configured to connect to which of the following endpoints and corresponding ports?

Options:

email.us-east-1.amazonIAM.com over port 8080

email-pop3.us-east-1.amazonIAM.com over port 995

email-smtp.us-east-1.amazonIAM.com over port 587

email-imap.us-east-1.amazonIAM.com over port 993

Discussion

Question 63

Your company has defined a number of EC2 Instances over a period of 6 months. They want to know if any of the security groups allow unrestricted access to a resource. What is the best option to accomplish this requirement?

Please select:

Options:

Use IAM Inspector to inspect all the security Groups

Use the IAM Trusted Advisor to see which security groups have compromised access.

Use IAM Config to see which security groups have compromised access.

Use the IAM CLI to query the security groups and then filter for the rules which have unrestricted accessd