SCS-C03 · Question #108
SCS-C03 Question #108: Real Exam Question with Answer & Explanation
The correct answer is B: Use AWS Config to detect the configuration changes and to record the latest configuration in. AWS Config is designed to detect, track, and evaluate configuration changes to AWS resources. It provides snapshots of the latest configuration of resources, capturing the cumulative impact of changes over time. If multiple changes occur in quick succession, AWS Config records th
Question
A security engineer wants to evaluate configuration changes to a specific AWS resource to ensure that the resource meets compliance standards. However, the security engineer is concerned about a situation in which several configuration changes are made to the resource in quick succession. The security engineer wants to record only the latest configuration of that resource to indicate the cumulative impact of the set of changes. Which solution will meet this requirement in the MOST operationally efficient way?
Options
- AUse AWS CloudTrail to detect the configuration changes by filtering API calls to monitor the
- BUse AWS Config to detect the configuration changes and to record the latest configuration in
- CUse Amazon CloudWatch to detect the configuration changes by filtering API calls to monitor the
- DUse AWS Cloud Map to detect the configuration changes. Generate a report of configuration
Explanation
AWS Config is designed to detect, track, and evaluate configuration changes to AWS resources. It provides snapshots of the latest configuration of resources, capturing the cumulative impact of changes over time. If multiple changes occur in quick succession, AWS Config records the final state after all changes, meeting the requirement to track only the latest configuration efficiently.
Community Discussion
No community discussion yet for this question.