ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 549 - DOP-C01 discussion

Report
Export

A DevOps engineer at a company is supporting an AWS environment in which all users use AWS Single Sign-On. The company wants to immediately disable credentials of any new IAM user and wants the security team to receive a notification.

Which combination of steps should the DevOps engineer take to meet these requirements? (Choose three.)

A.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule that reacts to an IAM CreateUser API call in AWS CloudTrail.
Answers
A.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule that reacts to an IAM CreateUser API call in AWS CloudTrail.
B.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule that reacts to an IAM GetLoginProfile API call in AWS CloudTrail.
Answers
B.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule that reacts to an IAM GetLoginProfile API call in AWS CloudTrail.
C.
Create an AWS Lambda function that is a target of the EventBridge (CloudWatch Events) rule. Configure the Lambda function to disable any access keys and delete the login profiles that are associated with the IAM user.
Answers
C.
Create an AWS Lambda function that is a target of the EventBridge (CloudWatch Events) rule. Configure the Lambda function to disable any access keys and delete the login profiles that are associated with the IAM user.
D.
Create an AWS Lambda function that is a target of the EventBridge (CloudWatch Events) rule. Configure the Lambda function to delete the login profiles that are associated with the IAM user.
Answers
D.
Create an AWS Lambda function that is a target of the EventBridge (CloudWatch Events) rule. Configure the Lambda function to delete the login profiles that are associated with the IAM user.
E.
Create an Amazon Simple Notification Service (Amazon SNS) topic that is a target of the EventBridge (CloudWatch Events) rule. Subscribe the security team’s group email address to the topic.
Answers
E.
Create an Amazon Simple Notification Service (Amazon SNS) topic that is a target of the EventBridge (CloudWatch Events) rule. Subscribe the security team’s group email address to the topic.
F.
Create an Amazon Simple Queue Service (Amazon SQS) queue that is a target of the Lambda function. Subscribe the security team’s group email address to the queue.
Answers
F.
Create an Amazon Simple Queue Service (Amazon SQS) queue that is a target of the Lambda function. Subscribe the security team’s group email address to the queue.
Suggested answer: C, D, E
asked 16/09/2024
richard van der sligte
35 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first