A Security Engineer must design a system that can detect whether a file on an Amazon EC2 host has been modified. The system must then alert the Security Engineer of the modification. What is the MOST efficient way to meet these requirements?
A) Install antivirus software and ensure that signatures are up-to-date. Configure Amazon CloudWatch alarms to send alerts for security events.
B) Install host-based IDS software to check for file integrity. Export the logs to Amazon CloudWatch Logs for monitoring and alerting.
C) Export system log files to Amazon S3. Parse the log files using an AWS Lambda function that will send alerts of any unauthorized system login attempts through Amazon SNS.
D) Use Amazon CloudWatch Logs to detect file system changes. If a change is detected, automatically terminate and recreate the instance from the most recent AMI. Use Amazon SNS to send notification of the event.
Correct Answer:
Verified
Q55: A company has two AWS accounts, each
Q56: A Security Engineer must add additional protection
Q57: In response to the past DDoS attack
Q58: During a security event, it is discovered
Q59: A company plans to move most of
Q61: A Security Engineer for a large company
Q62: A company had one of its Amazon
Q63: A company has five AWS accounts and
Q64: A company has a few dozen application
Q65: Which of the following are valid event
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents