SAP-C02 · Question #440
SAP-C02 Question #440: Real Exam Question with Answer & Explanation
The correct answer is B: Create an analyzer in AWS Identity and Access Management Access Analyzer. Create an. Access Analyzer is to assess the access policy. https://docs.aws.amazon.com/ja_jp/AmazonS3/latest/userguide/access-control-block-public-
Question
A company needs to audit the security posture of a newly acquired AWS account. The company's data security team requires a notification only when an Amazon S3 bucket becomes publicly exposed. The company has already established an Amazon Simple Notification Service (Amazon SNS) topic that has the data security team's email address subscribed. Which solution will meet these requirements?
Options
- ACreate an S3 event notification on all S3 buckets for the isPublic event. Select the SNS topic as
- BCreate an analyzer in AWS Identity and Access Management Access Analyzer. Create an
- CCreate an Amazon EventBridge rule for the event type "Bucket-Level API Call via CloudTrail" with
- DActivate AWS Config and add the cloudtrail-s3-dataevents-enabled rule. Create an Amazon
Explanation
Access Analyzer is to assess the access policy. https://docs.aws.amazon.com/ja_jp/AmazonS3/latest/userguide/access-control-block-public-
Community Discussion
No community discussion yet for this question.