Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 3 Topic 1 Discussion

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 3 Topic 1 Discussion

SCS-C03 Exam Topic 1 Question 3 Discussion:
Question #: 3
Topic #: 1

A company is using an organization in AWS Organizations that contains 100 accounts. The company has configured trusted access for Amazon GuardDuty to AWS Organizations within the management account. The company has designated a member account to be the GuardDuty administrator for the organization.

GuardDuty is working properly and reports findings for the organization in the GuardDuty console. The company wants a SecOps team to receive real-time email alerts from any GuardDuty finding within the organization that is high severity according to GuardDuty severity levels.

Which solution will meet these requirements?


A.

In the management account, create a rule in Amazon EventBridge that will react to a GuardDuty finding that has a high severity level. Configure the rule to notify an Amazon SNS topic. Subscribe the SecOps team’s email addresses to the SNS topic.


B.

Configure trusted access for AWS Config within the organization. Create a rule in AWS Config to monitor for any non-archived findings in GuardDuty. Create a rule in Amazon EventBridge that will react if AWS Config detects a compliance change for the AWS Config rule. Configure the EventBridge rule to target an Amazon SNS topic. Subscribe the SecOps team’s email addresses to the SNS topic.


C.

In the GuardDuty delegated administrator account, configure a rule in Amazon EventBridge that will react to a GuardDuty finding that has a high severity level. Configure the rule to notify an Amazon SNS topic. Subscribe the SecOps team’s email addresses to the SNS topic.


D.

Configure AWS CloudTrail for the organization in the management account. Create a rule in Amazon EventBridge that will run on a ListFindings API call. Configure the rule to notify an Amazon SNS topic. Subscribe the SecOps team’s email addresses to the SNS topic.


Get Premium SCS-C03 Questions

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.