ExpertMedium1 markMultiple Choice
AWS SAP-C02 · Question 43 · Domain 3.2: Security Improvement
A company requires that all S3 buckets are private. If a developer accidentally makes a bucket public, it must be automatically reverted to private within minutes. Which combination of services achieves this?
A company requires that all S3 buckets are private. If a developer accidentally makes a bucket public, it must be automatically reverted to private within minutes. Which combination of services achieves this?
Answer options:
A.
AWS CloudTrail and Amazon SNS.
B.
AWS Config rules triggering an AWS Systems Manager Automation document.
C.
Amazon Macie and AWS Lambda.
D.
AWS Trusted Advisor.
How to approach this question
Look for the detect-and-remediate pattern.
Full Answer
B.AWS Config rules triggering an AWS Systems Manager Automation document.✓ Correct
AWS Config rules triggering an AWS Systems Manager Automation document.
AWS Config continuously monitors resource configurations and can automatically trigger Systems Manager Automation documents to remediate non-compliant resources.
Common mistakes
Relying on CloudTrail without a compute service to perform the remediation.
Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 3
75 questions · hints · full answers · grading
More questions from this exam
Q01An enterprise has 100 VPCs across 5 AWS Regions. They need to establish a highly available, trans...HardQ02A company uses AWS Organizations. The CISO requires that no EC2 instances can be launched outside...MediumQ03An application uses Amazon Aurora PostgreSQL. To meet disaster recovery requirements, the databas...HardQ04A company is setting up a new multi-account AWS environment. They want to automate the creation o...MediumQ05An organization wants to allocate AWS costs to specific departments. They use multiple AWS accoun...Medium