Quickly grab our SCS-C02 product now and kickstart your exam preparation today!
Name: | AWS Certified Security Specialty |
Exam Code: | SCS-C02 |
Certification: | AWS Certified Specialty |
Vendor: | Amazon |
Total Questions: | 481 |
Last Updated: | Apr 24, 2024 |
A company uses Amazon API Gateway to present REST APIs to users. An API developer wants to analyze
API access patterns without the need to parse the log files.
Which combination of steps will meet these requirements with the LEAST effort? (Select TWO.)
A company has hundreds of AWS accounts in an organization in AWS Organizations. The company operates
out of a single AWS Region. The company has a dedicated security tooling AWS account in the organization.
The security tooling account is configured as the organization's delegated administrator for Amazon
GuardDuty and AWS Security Hub. The company has configured the environment to automatically enable
GuardDuty and Security Hub for existing AWS accounts and new AWS accounts.
The company is performing control tests on specific GuardDuty findings to make sure that the company's
security team can detect and respond to security events. The security team launched an Amazon EC2 instance
and attempted to run DNS requests against a test domain, example.com, to generate a DNS finding. However,
the GuardDuty finding was never created in the Security Hub delegated administrator account.
Why was the finding was not created in the Security Hub delegated administrator account?
A security engineer needs to create an Amazon S3 bucket policy to grant least privilege read access to IAM user accounts that are named User=1, User2. and User3. These IAM user accounts are members of the AuthorizedPeople IAM group. The security engineer drafts the following S3 bucket policy:
When the security engineer tries to add the policy to the S3 bucket, the following error message appears:
"Missing required field Principal." The security engineer is adding a Principal element to the policy. The
addition must provide read access to only User1. User2, and User3. Which solution meets these requirements?