×
Detail Form
We will send your result on your email id and phone no. please fill detail
1.
An application has been written that publishes custom metrics to Amazon CloudWatch. Recently, IAM change have been made on the account and the metrics are no longer being reported.
Which of the following is the LEAST permissive solution that will allow the metrics to be delivered?
Which of the following is the LEAST permissive solution that will allow the metrics to be delivered?
2.
A Security Engineer is trying to determine whether the encryption keys used in an AWS service are in compliance with certain regulatory standards.
Which of the following actions should the Engineer perform to get further guidance?
Which of the following actions should the Engineer perform to get further guidance?
3.
A Software Engineer wrote a customized reporting service that will run on a fleet of Amazon EC2 instances. The company security policy states that application logs for the reporting service must becentrally collected.
What is the MOST efficient way to meet these requirements?
What is the MOST efficient way to meet these requirements?
4.
A Security Engineer who was reviewing AWS Key Management Service (AWS KMS) key policies found this statement in each key policy in the company AWS account.
What does the statement allow?
What does the statement allow?
5.
What is the function of the following AWS Key Management Service (KMS) key policy attached to a customer master key (CMK)?
6.
An organization policy states that all encryption keys must be automatically rotated every 12 months.
Which AWS Key Management Service (KMS) key type should be used to meet this requirement?
Which AWS Key Management Service (KMS) key type should be used to meet this requirement?
7.
An application has a requirement to be resilient across not only Availability Zones within the application's primary region but also be available within another region altogether.
Which of the following supports this requirement for AWS resources that are encrypted by AWS KMS?
Which of the following supports this requirement for AWS resources that are encrypted by AWS KMS?
8.
During a recent internal investigation, it was discovered that all API logging was disabled in a production account, and the root user had created new API keys that appear to have been used several times.
What could have been done to detect and automatically remediate the incident?
What could have been done to detect and automatically remediate the incident?
9.
During a recent security audit, it was discovered that multiple teams in a large organization have placed restricted data in multiple Amazon S3 buckets, and the data may have been exposed. The auditor has requested that the organization identify all possible objects that contain personally identifiable information (PII) and then determine whether this information has been accessed.
What solution will allow the Security team to complete this request?
What solution will allow the Security team to complete this request?
10.
A Security Administrator is performing a log analysis as a result of a suspected AWS account compromise. The Administrator wants to analyze suspicious AWS CloudTrail log files but is overwhelmed by the volume of audit logs being generated.
What approach enables the Administrator to search through the logs MOST efficiently?
What approach enables the Administrator to search through the logs MOST efficiently?