ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 29 - SCS-C01 discussion

Report
Export

A security engineer is auditing a production system and discovers several additional IAM roles that are not required and were not previously documented during the last audit 90 days ago. The engineer is trying to find out who created these IAM roles and when they were created. The solution must have the lowest operational overhead.

Which solution will meet this requirement?

A.
Import AWS CloudTrail logs from Amazon S3 into an Amazon Elasticsearch Service cluster, and search through the combined logs for CreateRole events.
Answers
A.
Import AWS CloudTrail logs from Amazon S3 into an Amazon Elasticsearch Service cluster, and search through the combined logs for CreateRole events.
B.
Create a table in Amazon Athena for AWS CloudTrail events. Query the table in Amazon Athena for CreateRole events.
Answers
B.
Create a table in Amazon Athena for AWS CloudTrail events. Query the table in Amazon Athena for CreateRole events.
C.
Use AWS Config to look up the configuration timeline for the additional IAM roles and view the linked AWS CloudTrail event.
Answers
C.
Use AWS Config to look up the configuration timeline for the additional IAM roles and view the linked AWS CloudTrail event.
D.
Download the credentials report from the IAM console to view the details for each IAM entity, including the creation dates.
Answers
D.
Download the credentials report from the IAM console to view the details for each IAM entity, including the creation dates.
Suggested answer: A
asked 16/09/2024
ISRAEL PEREZ GARCIA
34 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first