A large company wants its Compliance team to audit its Amazon S3 buckets to identify if personally identifiable information (PII) is stored in them. The company has hundreds of S3 buckets and has asked the Security Engineers to scan every bucket. How can this task be accomplished?
A) Configure Amazon CloudWatch Events to trigger Amazon Inspector to scan the S3 buckets daily for PII. Configure Amazon Inspector to publish Amazon SNS notifications to the Compliance team if PII is detected.
B) Configure Amazon Macie to classify data in the S3 buckets and check the dashboard for PII findings. Configure Amazon CloudWatch Events to capture Macie alerts and target an Amazon SNS topic to be notified if PII is detected.
C) Check the AWS Trusted Advisor data loss prevention page in the AWS Management Console. Download the Amazon S3 data confidentiality report and send it to the Compliance team. Configure Amazon CloudWatch Events to capture Trusted Advisor alerts and target an Amazon SNS topic to be notified if PII is detected.
D) Enable Amazon GuardDuty in multiple Regions to scan the S3 buckets. Configure Amazon CloudWatch Events to capture GuardDuty alerts and target an Amazon SNS topic to be notified if PII is detected.
Correct Answer:
Verified
Q219: A company is configuring three Amazon EC2
Q220: A company needs to migrate several applications
Q221: During a manual review of system logs
Q222: An application running on Amazon EC2 instances
Q223: A company requires that SSH commands used
Q225: A large corporation is creating a multi-account
Q226: A company needs a forensic-logging solution for
Q227: A company's web application is hosted on
Q228: A company has a compliance requirement to
Q229: A company needs to retain log data
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents