New Year Sale ! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SCS-C02 Topic 5 Question 36 Discussion

Actual exam question for Amazon's SCS-C02 exam
Question #: 36
Topic #: 5
[All SCS-C02 Questions]

A company wants to receive automated email notifications when AWS access keys from developer AWS accounts are detected on code repository sites.

Which solution will provide the required email notifications?

Show Suggested Answer Hide Answer
Suggested Answer: A

The solution to receiving automated email notifications when AWS access keys are detected on code repository sites is to use Amazon EventBridge with Amazon GuardDuty findings. Specifically, creating an EventBridge rule that targets Amazon GuardDuty findings, particularly the UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration finding type, allows for the detection of potential unauthorized use or exposure of AWS credentials. When such a finding is detected, EventBridge can then trigger an action to send a notification via Amazon Simple Notification Service (Amazon SNS). By configuring an SNS topic to send emails, stakeholders can be promptly informed of such security incidents. This approach leverages AWS's native security and monitoring services to provide timely alerts with minimal operational overhead, ensuring that the company can respond quickly to potential security breaches involving exposed AWS credentials.


by Hillary at Oct 20, 2024, 12:38 AM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Brunilda
1 months ago
I wonder if the company has considered setting up a dedicated email address just for these notifications. That way, they can keep their regular inbox clean and organized. *winks*
upvoted 0 times
...
Stanton
1 months ago
Hey, does anyone else feel like they're being watched? I mean, with all these AWS access keys floating around, it's like Big Brother is always watching. *chuckles*
upvoted 0 times
...
Farrah
1 months ago
Hmm, I'm torn between A and C. Guess I'll have to flip a coin on this one. Or maybe I'll just ask the AWS support team for a recommendation.
upvoted 0 times
Misty
15 days ago
True, C could also be a good choice. It's always good to get a second opinion from the AWS support team.
upvoted 0 times
...
Justine
20 days ago
You could also consider C as an alternative option for email notifications.
upvoted 0 times
...
Barney
23 days ago
I agree, A seems like the most suitable solution for this scenario.
upvoted 0 times
...
Jaime
24 days ago
I think A is the best option. It will provide the required email notifications.
upvoted 0 times
...
...
Rashad
1 months ago
B is an interesting approach, but I'm not sure if it's the most efficient way to handle this. Seems like a lot of manual work.
upvoted 0 times
Salley
11 days ago
D) Implement new anomaly detection software. Ingest AWS CloudTrail logs. Configure monitoring for ConsoleLogin events in the AWS Management Console. Configure email notifications from the anomaly detection software.
upvoted 0 times
...
Susy
14 days ago
C) Create an Amazon EventBridge rule that reacts to AWS Health events that have a value of Risk for the service category Configure email notifications by using Amazon Simple Notification Service (Amazon SNS).
upvoted 0 times
...
Hermila
1 months ago
A) Create an Amazon EventBridge rule to send Amazon Simple Notification Service (Amazon SNS) email notifications for Amazon GuardDuty UnauthorizedAccesslAMUser/lnstanceCredentialExfiltration OutsideAWS findings.
upvoted 0 times
...
...
Nobuko
2 months ago
D looks promising, but I'm not sure if it's overkill for this use case. Maybe a combination of A and C could work?
upvoted 0 times
Buck
16 days ago
Sina: A and C combined could be a good solution for this.
upvoted 0 times
...
Tasia
23 days ago
User 3: What about C? It also involves email notifications.
upvoted 0 times
...
Sina
30 days ago
User 2: Yeah, A seems like a good option for this use case.
upvoted 0 times
...
Sanjuana
1 months ago
User 1: I think A could work well for automated email notifications.
upvoted 0 times
...
...
Lashonda
2 months ago
A seems like a good option, but I'm not sure if it covers all the bases. Might need to look into the other solutions as well.
upvoted 0 times
Francine
15 days ago
C) Create an Amazon EventBridge rule that reacts to AWS Health events that have a value of Risk for the service category Configure email notifications by using Amazon Simple Notification Service (Amazon SNS).
upvoted 0 times
...
Antione
16 days ago
D) Implement new anomaly detection software. Ingest AWS CloudTrail logs. Configure monitoring for ConsoleLogin events in the AWS Management Console. Configure email notifications from the anomaly detection software.
upvoted 0 times
...
Erasmo
18 days ago
B) Change the AWS account contact information for the Operations type to a separate email address. Periodically poll this email address for notifications.
upvoted 0 times
...
Ashlee
1 months ago
A) Create an Amazon EventBridge rule to send Amazon Simple Notification Service (Amazon SNS) email notifications for Amazon GuardDuty UnauthorizedAccesslAMUser/lnstanceCredentialExfiltration OutsideAWS findings.
upvoted 0 times
...
...
Dortha
2 months ago
I agree with Larae. Option A seems to be the most efficient and effective solution for receiving automated email notifications.
upvoted 0 times
...
Larae
2 months ago
I think option A is the best solution because it uses Amazon EventBridge and Amazon SNS for email notifications.
upvoted 0 times
...

Save Cancel