A developer reported that AWS CloudTrail was disabled on their account. A security engineer investigated the account and discovered the event was undetected by the current security solution. The security engineer must recommend a solution that will detect future changes to the CloudTrail configuration and send alerts when changes occur. What should the security engineer do to meet these requirements?
A) Use AWS Resource Access Manager (AWS RAM) to monitor the AWS CloudTrail configuration. Send notifications using Amazon SNS.
B) Create an Amazon CloudWatch Events rule to monitor Amazon GuardDuty findings. Send email notifications using Amazon SNS.
C) Update security contact details in AWS account settings for AWS Support to send alerts when suspicious activity is detected.
D) Use Amazon Inspector to automatically detect security issues. Send alerts using Amazon SNS.
Correct Answer:
Verified
Q181: Which of the following are valid configurations
Q182: A company is setting up products to
Q183: A company's director of information security wants
Q184: An external auditor finds that a company's
Q185: A company's on-premises data center forwards DNS
Q187: A company is designing the security architecture
Q188: A company is implementing a new application
Q189: A company's security engineer has been asked
Q190: A security engineer has noticed that VPC
Q191: A company uses multiple AWS accounts managed
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents