Amazon Web Services exams4sure complete Scs-c01 Materials by Rayna q53 vce pdf

Page: 15 / 43

Exam Name:	AWS Certified Security - Specialty
Exam Code:	SCS-C01 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Specialty
Questions:	589 Q&A's	Shared By:	rayna

Question 60

A pharmaceutical company has digitized versions of historical prescriptions stored on premises. The company would like to move these prescriptions to IAM and perform analytics on the data in them. Any operation with this data requires that the data be encrypted in transit and at rest.

Which application flow would meet the data protection requirements on IAM?

Options:

Digitized files -> Amazon Kinesis Data Analytics

Digitized files -> Amazon Kinesis Data Firehose -> Amazon S3 -> Amazon Athena

Digitized files -> Amazon Kinesis Data Streams -> Kinesis Client Library consumer -> Amazon S3 -> Athena

Digitized files -> Amazon Kinesis Data Firehose -> Amazon Elasticsearch

Discussion

Question 61

A company’s security policy requires that VPC Flow Logs are enabled on all VPCs. A Security Engineer is looking to automate the process of auditing the VPC resources for compliance.

What combination of actions should the Engineer take? (Choose two.)

Options:

Create an IAM Lambda function that determines whether Flow Logs are enabled for a given VPC.

Create an IAM Config configuration item for each VPC in the company IAM account.

Create an IAM Config managed rule with a resource type of IAM:: Lambda:: Function.

Create an Amazon CloudWatch Event rule that triggers on events emitted by IAM Config.

Create an IAM Config custom rule, and associate it with an IAM Lambda function that contains the evaluating logic.

Discussion

Question 62

A Systems Engineer has been tasked with configuring outbound mail through Simple Email Service (SES) and requires compliance with current TLS standards.

The mail application should be configured to connect to which of the following endpoints and corresponding ports?

Options:

email.us-east-1.amazonIAM.com over port 8080

email-pop3.us-east-1.amazonIAM.com over port 995

email-smtp.us-east-1.amazonIAM.com over port 587

email-imap.us-east-1.amazonIAM.com over port 993

Discussion

Reeva

Wow what a success I achieved today. Thank you so much Cramkey for amazing Dumps. All students must try it.

Amari Sep 1, 2024

Wow, that's impressive. I'll definitely keep Cramkey in mind for my next exam.

Conor

I recently used these dumps for my exam and I must say, I was impressed with their authentic material.

Yunus Sep 13, 2024

Exactly…….The information in the dumps is so authentic and up-to-date. Plus, the questions are very similar to what you'll see on the actual exam. I felt confident going into the exam because I had studied using Cramkey Dumps.

Ella-Rose

Amazing website with excellent Dumps. I passed my exam and secured excellent marks!!!

Alisha Aug 17, 2024

Extremely accurate. They constantly update their materials with the latest exam questions and answers, so you can be confident that what you're studying is up-to-date.

Walter

Yayyy!!! I passed my exam with the help of Cramkey Dumps. Highly appreciated!!!!

Angus Nov 4, 2024

YES….. I saw the same questions in the exam.

Annabel

I recently used them for my exam and I passed it with excellent score. I am impressed.

Amirah Oct 28, 2024

I passed too. The questions I saw in the actual exam were exactly the same as the ones in the Cramkey Dumps. I was able to answer the questions confidently because I had already seen and studied them.

Question 63

Your company has defined a number of EC2 Instances over a period of 6 months. They want to know if any of the security groups allow unrestricted access to a resource. What is the best option to accomplish this requirement?

Please select:

Options:

Use IAM Inspector to inspect all the security Groups

Use the IAM Trusted Advisor to see which security groups have compromised access.

Use IAM Config to see which security groups have compromised access.

Use the IAM CLI to query the security groups and then filter for the rules which have unrestricted accessd