A company’s Security Officer is concerned about the risk of AWS account root user logins and has assigned a Security Engineer to implement a notification solution for near-real-time alerts upon account root user logins.
How should the Security Engineer meet these requirements?
A . Create a cron job that runs a script lo download the AWS IAM security credentials We.
parse the file for account root user logins and email the Security team’s distribution 1st
B . Run AWS CloudTrail logs through Amazon CloudWatch Events to detect account roo4 user logins and trigger an AWS Lambda function to send an Amazon SNS notification to the Security team’s distribution list.
C . Save AWS CloudTrail logs to an Amazon S3 bucket in the Security team’s account Process the CloudTrail logs with the Security Engineer’s logging solution for account root user logins Send an Amazon SNS notification to the Security team upon encountering the account root user login events
D . Save VPC Plow Logs to an Amazon S3 bucket in the Security team’s account and process the VPC Flow Logs with their logging solutions for account root user logins Send an Amazon SNS notification to the Security team upon encountering the account root user login events
Answer: B
Leave a Reply