SCS-C03 · Question #125
SCS-C03 Question #125: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #125. The question stem and answer options stay visible for context.
Question
A company has the following security policy for its Amazon Aurora MySQL databases for a single AWS account: - Database storage must be encrypted at rest. - Deletion protection must be enabled. - Databases must not be publicly accessible. - Database audit logs must be published to Amazon CloudWatch Logs. A security engineer must implement a solution that continuously monitors all Aurora MySQL resources for compliance with this policy. The solution must be able to display a database's compliance state for each part of the policy at any time. Which solution will meet these requirements?
Options
- AEnable AWS Audit Manager. Configure Audit Manager to use a custom framework that matches
- BEnable AWS Config. Implement AWS Config managed rules that monitor all Aurora MySQL
- CEnable AWS Security Hub. Create a configuration policy that includes the security requirements.
- DCreate an Amazon EventBridge rule that runs when an Aurora MySQL resource is created or
Unlock SCS-C03 to see the answer
You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.