Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 449 discussion

A developer is creating a web application to upload and store private data. The application will encrypt private data and then will upload the data to an Amazon S3 bucket.

The developer needs to implement a solution to automatically find any unencrypted private data in the S3 bucket. The solution must monitor the security and access control of the S3 bucket and must provide a notification if there are any security issues.

Which solution will meet these requirements?

  • A. Use AWS Step Functions to run Amazon Athena queries. Configure Athena to find unencrypted private data and to monitor for security issues in the S3 bucket. Start the queries when new objects are added to the S3 bucket. Configure Athena to provide a notification if security issues are detected.
  • B. Enable Amazon Macie for the S3 bucket. Set up custom criteria to find unencrypted private data in the S3 bucket. Set up AWS User Notifications to provide a notification when Macie detects security issues.
  • C. Enable Amazon Inspector for the AWS account. Use Amazon Inspector to scan the S3 bucket to find unencrypted private data and to monitor for security issues. Set up Amazon EventBridge to provide a notification when Amazon Inspector detects security issues.
  • D. Create an Amazon Kinesis data stream. Configure Amazon S3 to send new object notifications to the stream. Create an AWS Lambda function that runs every 10 minutes to check the stream for unencrypted private data and to monitor for security issues. Program the Lambda function to provide a notification when security issues are detected.
Suggested Answer: B

Comments

vbloise
2 days, 8 hours ago
Selected Answer: B
The correct answer is B. Enable Amazon Macie for the S3 bucket. Set up custom criteria to find unencrypted private data in the S3 bucket. Set up AWS User Notifications to provide a notification when Macie detects security issues. Reasoning: Amazon Macie is specifically designed to automatically discover, classify, and protect sensitive data stored in Amazon S3 buckets. Macie can detect unencrypted data, public access issues, and sensitive data exposure. It integrates with Amazon EventBridge and User Notifications to send alerts when security issues are detected. Other options like Inspector (C) do not scan S3 for data classification or encryption status (Inspector is more for EC2 and ECR). Step Functions + Athena (A) would require custom development and maintenance, which is unnecessary since Macie natively does this. Kinesis + Lambda (D) would be overly complex, error-prone, and again unnecessary because Macie exists specifically for this use case.
upvoted 1 times