A company gives its employees limited rights to AWS. DevOps engineers have the ability to assume an administrator role. For tracking purposes, the security team wants to receive a near-real-time notification when the administrator role is assumed. How should this be accomplished?
A) Configure AWS Config to publish logs to an Amazon S3 bucket. Use Amazon Athena to query the logs and send a notification to the security team when the administrator role is assumed.
B) Configure Amazon GuardDuty to monitor when the administrator role is assumed and send a notification to the security team.
C) Create an Amazon EventBridge (Amazon CloudWatch Events) event rule using an AWS Management Console sign-in events event pattern that publishes a message to an Amazon SNS topic if the administrator role is assumed.
D) Create an Amazon EventBridge (Amazon CloudWatch Events) events rule using an AWS API call that uses an AWS CloudTrail event pattern to trigger an AWS Lambda function that publishes a message to an Amazon SNS topic if the administrator role is assumed.
Correct Answer:
Verified
Q565: A company is using AWS to deploy
Q566: A company has a website in an
Q567: Consider the portion of a CloudTrail log
Q568: Which statement is true about configuring proxy
Q569: A healthcare services company is concerned about
Q571: Your application stores sensitive information on an
Q572: There is a very serious outage at
Q573: You currently have the following setup in
Q574: When writing plays, tasks and playbooks, Ansible
Q575: What option below is the geographic limit
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents