A company uses AWS KMS with CMKs and manual key rotation to meet regulatory compliance requirements. The security team wants to be notified when any keys have not been rotated after 90 days. Which solution will accomplish this?
A) Configure AWS KMS to publish to an Amazon SNS topic when keys are more than 90 days old.
B) Configure an Amazon CloudWatch Events event to launch an AWS Lambda function to call the AWS Trusted Advisor API and publish to an Amazon SNS topic.
C) Develop an AWS Config custom rule that publishes to an Amazon SNS topic when keys are more than 90 days old.
D) Configure AWS Security Hub to publish to an Amazon SNS topic when keys are more than 90 days old.
Correct Answer:
Verified
Q478: A user is defining a policy for
Q479: By default, Amazon CloudTrail logs _ actions
Q480: When logging with Amazon CloudTrail, API call
Q481: A company uses AWS Organizations to manage
Q482: A company wants to ensure that their
Q484: A DevOps Engineer has a single Amazon
Q485: A company runs an application consisting of
Q486: A company uses federated access for its
Q487: A company has multiple development teams sharing
Q488: A company recently launched an application that
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents