A Security Engineer must design a solution that enables the incident Response team to audit for changes to a user's IAM permissions in the case of a security incident. How can this be accomplished?
A) Use AWS Config to review the IAM policy assigned to users before and after the incident.
B) Run the GenerateCredentialReport via the AWS CLI, and copy the output to Amazon S3 daily for auditing purposes. Run the GenerateCredentialReport via the AWS CLI, and copy the output to Amazon S3 daily for auditing purposes.
C) Copy AWS CloudFormation templates to S3, and audit for changes from the template.
D) Use Amazon EC2 Systems Manager to deploy images, and review AWS CloudTrail logs for changes.
Correct Answer:
Verified
Q1: A Security Administrator is performing a log
Q2: During a recent internal investigation, it was
Q3: A Security Engineer has created an Amazon
Q4: An organization wants to deploy a three-tier
Q5: An application has a requirement to be
Q7: A Security Administrator has a website hosted
Q8: A water utility company uses a number
Q9: A threat assessment has identified a risk
Q10: An organization has a system in AWS
Q11: An organization policy states that all encryption
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents