DOP-C02 · Question #174
DOP-C02 Question #174: Real Exam Question with Answer & Explanation
Sign in or unlock DOP-C02 to reveal the answer and full explanation for question #174. The question stem and answer options stay visible for context.
Question
A company manages AWS accounts for application teams in AWS Control Tower. Individual application teams are responsible for securing their respective AWS accounts. A DevOps engineer needs to enable Amazon GuardDuty for all AWS accounts in which the application teams have not already enabled GuardDuty. The DevOps engineer is using AWS CloudFormation StackSets from the AWS Control Tower management account. How should the DevOps engineer configure the CloudFormation template to prevent failure during the StackSets deployment?
Options
- ACreate a CloudFormation custom resource that invokes an AWS Lambda function. Configure the
- BUse the Conditions section of the CloudFormation template to enable GuardDuty in accounts
- CUse the CloudFormation Fn::GetAtt intrinsic function to check whether GuardDuty is already
- DManually discover the list of AWS account IDs where GuardDuty is not enabled. Use the
Unlock DOP-C02 to see the answer
You've previewed enough free DOP-C02 questions. Unlock DOP-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.