A Security Analyst attempted to troubleshoot the monitoring of suspicious security group changes. The Analyst was told that there is an Amazon CloudWatch alarm in place for these AWS CloudTrail log events. The Analyst tested the monitoring setup by making a configuration change to the security group but did not receive any alerts. Which of the following troubleshooting steps should the Analyst perform?
A) Ensure that CloudTrail and S3 bucket access logging is enabled for the Analyst's AWS account. B Verify that a metric filter was created and then mapped to an alarm. Check the alarm notification action.
B) Check the CloudWatch dashboards to ensure that there is a metric configured with an appropriate dimension for security group changes.
C) Verify that the Analyst's account is mapped to an IAM policy that includes permissions for cloudwatch: GetMetricStatistics and Cloudwatch: ListMetrics.
Correct Answer:
Verified
Q42: The Security Engineer is managing a traditional
Q43: Some highly sensitive analytics workloads are to
Q44: A Developer who is following AWS best
Q45: A company runs an application on AWS
Q46: A Systems Administrator has written the following
Q48: An organization operates a web application that
Q49: An application has been built with Amazon
Q50: Which of the following is the most
Q51: The Security Engineer has discovered that a
Q52: An organization is using AWS CloudTrail, Amazon
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents