Exam AWS DevOps Engineer Professional topic 1 question 81 discussion

Exam question from Amazon's AWS DevOps Engineer Professional
Question #: 81
Topic #: 1

A DevOps engineer wants to implement an automated response that will occur if AWS Trusted Advisor detects an IAM access key in a public source code repository. The automated response must delete the exposed access key and must notify the security team.
Which solution will meet these requirements?

  • A. Create an AWS Lambda function to delete the IAM access key. Configure AWS CloudTrail logs to stream to Amazon CloudWatch Logs. Create a CloudWatch Logs metric filter for the AWS_RISK_CREDENTIALS_EXPOSED event with two actions. First, run the Lambda function. Second, use Amazon Simple Notification Service (Amazon SNS) to send a notification to the security team.
  • B. Create an AWS Lambda function to delete the IAM access key. Create an AWS Config rule for changes to "aws.trustedadvisor" and the "Exposed Access Keys" status with two actions. First, run the Lambda function. Second, use Amazon Simple Notification Service (Amazon SNS) to send a notification to the security team.
  • C. Create an AWS Lambda function that deletes the IAM access key and then uses Amazon Simple Notification Service (Amazon SNS) to notify the security team. Create an AWS Personal Health Dashboard rule for the AWS_RISK_CREDENTIALS_EXPOSED event. Set the target of the Personal Health Dashboard rule to the ARN of the Lambda function.
  • D. Create an AWS Lambda function that deletes the IAM access key. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with an "aws.trustedadvisor" event source and the "Exposed Access Keys" status. Set the EventBridge (CloudWatch Events) rule to target the Lambda function and an Amazon Simple Notification Service (Amazon SNS) topic that notifies the security team.
Suggested Answer: D 🗳️
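
The wiring option D describes, as an added example (not part of the original question and not AWS project code): the EventBridge event pattern plus a Lambda handler that deletes the key. The sample event is constructed, the `iam` parameter is a hypothetical injection point for testing, and the `detail` field names are assumed from the Trusted Advisor event format.

```python
# EventBridge rule pattern: Trusted Advisor flags the "Exposed Access Keys" check.
# The rule gets two targets: this Lambda function and the security team's SNS topic,
# so the function itself does not need to publish the notification.
EVENT_PATTERN = {
    "source": ["aws.trustedadvisor"],
    "detail-type": ["Trusted Advisor Check Item Refresh Notification"],
    "detail": {"status": ["ERROR"], "check-name": ["Exposed Access Keys"]},
}

# Constructed sample event (not captured output); the key ID is AWS's documentation example.
SAMPLE_EVENT = {
    "source": "aws.trustedadvisor",
    "detail-type": "Trusted Advisor Check Item Refresh Notification",
    "account": "123456789012",
    "detail": {
        "check-name": "Exposed Access Keys",
        "status": "ERROR",
        "check-item-detail": {
            "Access Key ID": "AKIAIOSFODNN7EXAMPLE",
            "User Name (IAM or Root)": "ci-deploy",
            "Location": "https://example.com/repo/config.py",
        },
    },
}


def handler(event, context=None, iam=None):
    """Delete the access key named in an Exposed Access Keys event."""
    detail = event.get("detail", {})
    # Re-check what the rule filters on, in case the function is invoked another way.
    if (event.get("source") != "aws.trustedadvisor"
            or detail.get("check-name") != "Exposed Access Keys"
            or detail.get("status") != "ERROR"):
        return {"action": "ignored"}
    item = detail.get("check-item-detail", {})
    user = item.get("User Name (IAM or Root)")
    key_id = item.get("Access Key ID")
    if not user or not key_id:
        return {"action": "ignored"}
    if iam is None:  # real invocation: build the client lazily
        import boto3
        iam = boto3.client("iam")
    try:
        iam.delete_access_key(UserName=user, AccessKeyId=key_id)
    except iam.exceptions.NoSuchEntityException:
        # Event redelivered, or the key was already removed: treat as done.
        return {"action": "already_deleted", "user": user, "key_id": key_id}
    return {"action": "deleted", "user": user, "key_id": key_id}
```

The function's execution role needs `iam:DeleteAccessKey`, and the SNS topic's resource policy must allow EventBridge to publish to it.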

Comments

ParagSanyashiv
2 years ago
Selected Answer: D
D is the more suitable answer to the question.
upvoted 1 times
...
asfsdfsdf
2 years, 2 months ago
Selected Answer: D
D - See question 80. Why not C? There is no such thing as a health dashboard event rule.
upvoted 1 times
...
Bulti
2 years, 3 months ago
D is the correct answer.
upvoted 2 times
...
tartealacreme
2 years, 4 months ago
Selected Answer: C
C for sure
upvoted 2 times
...
quixo
2 years, 5 months ago
C https://github.com/aws/Trusted-Advisor-Tools/blob/master/ExposedAccessKeys/README.md
upvoted 1 times
bgc1
2 years, 2 months ago
Isn't this solution from this link matching option D? Option C is about AWS Health and not Trusted Advisor. Correct?
upvoted 1 times
...
...
Paresh_Jadhav
2 years, 5 months ago
c https://docs.aws.amazon.com/awssupport/latest/user/security-checks.html#exposed-access-keys
upvoted 1 times
...
bartekb3d
2 years, 6 months ago
Selected Answer: C
https://aws.amazon.com/blogs/compute/automate-your-it-operations-using-aws-step-functions-and-amazon-cloudwatch-events/
upvoted 2 times
...
quixo
2 years, 7 months ago
I will go with C. Public access key <--> AWS Health <--> Event Bridge <--> Lambda Func. Refer: https://aws.amazon.com/blogs/compute/automate-your-it-operations-using-aws-step-functions-and-amazon-cloudwatch-events/
upvoted 2 times
...
youonebe
2 years, 7 months ago
Selected Answer: D
80/81 share the same answer D.
upvoted 4 times
...
Goozian
2 years, 7 months ago
Selected Answer: D
"D" is correct
upvoted 1 times
...
ohcn
2 years, 8 months ago
80 and 81 are the same question, but they have different answers.
upvoted 2 times
...