Answer is Macie Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides you with dashboards and alerts that give visibility into how this data is being accessed or moved

B for sure. macie service is specifically used to identify PII information.

B…but the answer itself is wrong.. using CloudTrail to investigate GET operations will return 0 results. CloudTrail by default doesn’t record data plane events. If customers want to record data plane events, a CloudTrail trail must be implemented and configure to store data events actions, such as GET, PUT, etc.

PII => Macie

Amazon Macie is a security service that employs machine learning to find, classify, and safeguard sensitive data in the Amazon Web Services (AWS) cloud. It automatically detects a large and growing list of sensitive data types, including personally identifiable information (PII) such as names, addresses, and credit card numbers. It also gives you constant visibility of your data stored in Amazon Simple Storage Service (Amazon S3)

A. This option is incorrect. Although Amazon Athena can be used to query S3 storage buckets, it cannot automatically identify PII data. Additionally, Amazon CloudWatch cannot directly monitor Amazon S3 object access. B. This is a correct answer. Amazon Macie is a security service used to automatically identify, classify, and protect sensitive data. Enabling Macie can help identify objects containing PII data. Then, by analyzing GET operations in AWS CloudTrail logs and S3 storage bucket logs, it can be determined whether this information has been accessed. C. This option is incorrect. Amazon GuardDuty is an intelligent threat detection service used to monitor and protect AWS accounts and workloads, but it is not used to identify and classify PII data in S3. D. This option is incorrect. Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. However, it mainly focuses on the security of EC2 instances and does not identify and classify PII data in S3 storage buckets.

Macie for classification, B

Key word "PII" - Immediately thought of Macie.

B is right

Anwser: B. Key word: "security audit", "restricted data", "S3 bucket", "PII". -> Macie

Ans: B

Ans: B 100%

Ans > B

Ans (B)

macie used for PII so its B ! B !

B, for sure.

B is correct