- All Exams Instant Download
Which of the following meets these requirements?
A company will store sensitive documents in three Amazon S3 buckets based on a data classification scheme of “Sensitive,” “Confidential,” and “Restricted.” The security solution must meet all of the following requirements: - Each object must be encrypted using a unique key. - Items that are stored in the “Restricted”...
What approach would enable the Security team to find out what the former employee may have done within AWS?
The Security team believes that a former employee may have gained unauthorized access to AWS resources sometime in the past 3 months by using an identified access key. What approach would enable the Security team to find out what the former employee may have done within AWS?A . Use the...
What is a characteristic of an EMC Avamar NDMP backup?
What is a characteristic of an EMC Avamar NDMP backup?A . After the first level 0 backup, level 1 backups are performed and merged to a full backup.B . Every backup is a level 0 backup.C . Level 1 backups are performed daily and merged to a full backup at...
Which of the following meet these security requirements?
A Security Administrator is configuring an Amazon S3 bucket and must meet the following security requirements: - Encryption in transit - Encryption at rest - Logging of all object retrievals in AWS CloudTrail Which of the following meet these security requirements? (Choose three.)A . Specify “aws:SecureTransport”: “true”within a condition in...
Which design will meet the requirements with MINIMUM effort?
An application outputs logs to a text file. The logs must be continuously monitored for security incidents. Which design will meet the requirements with MINIMUM effort?A . Create a scheduled process to copy the component’s logs into Amazon S3. Use S3 events to trigger a Lambda function that updates Amazon...
Which application flow would meet the data protection requirements on AWS?
A pharmaceutical company has digitized versions of historical prescriptions stored on premises. The company would like to move these prescriptions to AWS and perform analytics on the data in them. Any operation with this data requires that the data be encrypted in transit and at rest. Which application flow would...
What would resolve the connectivity issue?
A Software Engineer is trying to figure out why network connectivity to an Amazon EC2 instance does not appear to be working correctly. Its security group allows inbound HTTP traffic from 0.0.0.0/0, and the outbound rules have not been modified from the default. A custom network ACL associated with its...
How can this be accomplished?
A Security Engineer must design a solution that enables the incident Response team to audit for changes to a user’s IAM permissions in the case of a security incident. How can this be accomplished?A . Use AWS Config to review the IAM policy assigned to users before and after the...
What is the SIMPLEST way to meet these requirements?
A security team is responsible for reviewing AWS API call activity in the cloud environment for security violations. These events must be recorded and retained in a centralized location for both current and future AWS regions. What is the SIMPLEST way to meet these requirements?A . Enable AWS Trusted Advisor...
How can the Security Engineer further protect currently running instances?
A Developer’s laptop was stolen. The laptop was not encrypted, and it contained the SSH key used to access multiple Amazon EC2 instances. A Security Engineer has verified that the key has not been used, and has blocked port 22 to all EC2 instances while developing a response plan. How...
