A company's security officer is concerned about the risk of AWS account root user logins and has assigned a security engineer to implement a notification solution for near-real-time alerts upon account root user logins. How should the security engineer meet these requirements?
A) Create a cron job that runs a script to download the AWS IAM security credentials file, parse the file for account root user logins, and email the security team's distribution list.
B) Run AWS CloudTrail logs through Amazon CloudWatch Events to detect account root user logins and trigger an AWS Lambda function to send an Amazon SNS notification to the security team's distribution list.
C) Save AWS CloudTrail logs to an Amazon S3 bucket in the security team's account. Process the CloudTrail logs with the security engineer's logging solution for account root user logins. Send an Amazon SNS notification to the security team upon encountering the account root user login events.
D) Save VPC Flow Logs to an Amazon S3 bucket in the security team's account, and process the VPC Flow Logs with their logging solutions for account root user logins. Send an Amazon SNS notification to the security team upon encountering the account root user login events.
Correct Answer:
Verified
Q195: A company wants to deploy an application
Q196: A security engineer is responsible for providing
Q197: A company wants to encrypt data locally
Q198: A security engineer needs to ensure their
Q199: A company has a VPC with several
Q201: A company uses an AWS Key Management
Q202: A global company must mitigate and respond
Q203: A Software Engineer wrote a customized reporting
Q204: A company recently experienced a DDoS attack
Q205: A company has contracted with a third
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents