SCS-C02 Question #209: Real Exam Question with Answer & Explanation

Question

A company wants to receive automated email notifications when AWS access keys from developer AWS accounts are detected on code repository sites. Which solution will provide the required email notifications?

Options

• ACreate an Amazon EventBridge rule to send Amazon Simple Notification Service (Amazon SNS)
• BChange the AWS account contact information for the Operations type to a separate email
• CCreate an Amazon EventBridge rule that reacts to AWS Health events that have a value of Risk
• DImplement new anomaly detection software. Ingest AWS CloudTrail logs. Configure monitoring

Explanation

The solution to receiving automated email notifications when AWS access keys are detected on code repository sites is to use Amazon EventBridge with Amazon GuardDuty findings. Specifically, creating an EventBridge rule that targets Amazon GuardDuty findings, particularly the UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration finding type, allows for the detection of potential unauthorized use or exposure of AWS credentials. When such a finding is detected, EventBridge can then trigger an action to send a notification via Amazon Simple Notification Service (Amazon SNS). By configuring an SNS topic to send emails, stakeholders can be promptly informed of such security incidents. This approach leverages AWS's native security and monitoring services to provide timely alerts with minimal operational overhead, ensuring that the company can respond quickly to potential security breaches involving exposed AWS credentials.

No community discussion yet for this question.