ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 31 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 31
Topic #: 1
[All AWS Certified Security - Specialty Questions]

During a recent security audit, it was discovered that multiple teams in a large organization have placed restricted data in multiple Amazon S3 buckets, and the data may have been exposed. The auditor has requested that the organization identify all possible objects that contain personally identifiable information (PII) and then determine whether this information has been accessed.
What solution will allow the Security team to complete this request?

  • A. Using Amazon Athena, query the impacted S3 buckets by using the PII query identifier function. Then, create a new Amazon CloudWatch metric for Amazon S3 object access to alert when the objects are accessed.
  • B. Enable Amazon Macie on the S3 buckets that were impacted, then perform data classification. For identified objects that contain PII, use the research function for auditing AWS CloudTrail logs and S3 bucket logs for GET operations.
  • C. Enable Amazon GuardDuty and enable the PII rule set on the S3 buckets that were impacted, then perform data classification. Using the PII findings report from GuardDuty, query the S3 bucket logs by using Athena for GET operations.
  • D. Enable Amazon Inspector on the S3 buckets that were impacted, then perform data classification. For identified objects that contain PII, query the S3 bucket logs by using Athena for GET operations.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Wpcorgan at Aug. 25, 2019, 4:31 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AnNguyen
Highly Voted 3 years, 7 months ago
Answer is Macie Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides you with dashboards and alerts that give visibility into how this data is being accessed or moved
upvoted 31 times
cloudprincipal
3 years, 6 months ago
Yes, B is correct
upvoted 4 times
...
...
INASR
Highly Voted 3 years, 7 months ago
B for sure. macie service is specifically used to identify PII information.
upvoted 12 times
...
Pr1est
Most Recent 11 months, 3 weeks ago
Selected Answer: B
B…but the answer itself is wrong.. using CloudTrail to investigate GET operations will return 0 results. CloudTrail by default doesn’t record data plane events. If customers want to record data plane events, a CloudTrail trail must be implemented and configure to store data events actions, such as GET, PUT, etc.
upvoted 1 times
...
visitor9982
1 year, 4 months ago
PII => Macie
upvoted 1 times
...
ITGURU51
1 year, 11 months ago
Amazon Macie is a security service that employs machine learning to find, classify, and safeguard sensitive data in the Amazon Web Services (AWS) cloud. It automatically detects a large and growing list of sensitive data types, including personally identifiable information (PII) such as names, addresses, and credit card numbers. It also gives you constant visibility of your data stored in Amazon Simple Storage Service (Amazon S3)
upvoted 1 times
...
MaLaoban
2 years ago
Selected Answer: B
A. This option is incorrect. Although Amazon Athena can be used to query S3 storage buckets, it cannot automatically identify PII data. Additionally, Amazon CloudWatch cannot directly monitor Amazon S3 object access. B. This is a correct answer. Amazon Macie is a security service used to automatically identify, classify, and protect sensitive data. Enabling Macie can help identify objects containing PII data. Then, by analyzing GET operations in AWS CloudTrail logs and S3 storage bucket logs, it can be determined whether this information has been accessed. C. This option is incorrect. Amazon GuardDuty is an intelligent threat detection service used to monitor and protect AWS accounts and workloads, but it is not used to identify and classify PII data in S3. D. This option is incorrect. Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. However, it mainly focuses on the security of EC2 instances and does not identify and classify PII data in S3 storage buckets.
upvoted 4 times
...
whichonce
2 years, 3 months ago
Macie for classification, B
upvoted 1 times
...
janvandermerwer
2 years, 5 months ago
Selected Answer: B
Key word "PII" - Immediately thought of Macie.
upvoted 3 times
...
Mr__
2 years, 7 months ago
Selected Answer: B
B is right
upvoted 1 times
...
lmtony
3 years, 5 months ago
Anwser: B. Key word: "security audit", "restricted data", "S3 bucket", "PII". -> Macie
upvoted 2 times
...
ShakthiVinu
3 years, 5 months ago
Ans: B
upvoted 3 times
...
sanjaym
3 years, 5 months ago
Ans: B 100%
upvoted 3 times
...
devjava
3 years, 6 months ago
Ans > B
upvoted 3 times
...
AfricanCloudGuru
3 years, 6 months ago
Ans (B)
upvoted 2 times
...
RoyWeiss
3 years, 6 months ago
macie used for PII so its B ! B !
upvoted 1 times
...
gfhbox0083
3 years, 6 months ago
B, for sure.
upvoted 1 times
...
RaySmith
3 years, 6 months ago
B is correct
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago