Amazon Exam SCS-C02 Topic 1 Question 42 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 42
Topic #: 1

A medical company recently completed an acquisition and inherited an existing AWS environment. The company has an upcoming audit and is concerned about the compliance posture of its acquisition.

The company must identify personal health information inside Amazon S3 buckets and must identify S3 buckets that are publicly accessible. The company needs to prepare for the audit by collecting evidence in the environment.

Which combination of steps will meet these requirements with the LEAST operational overhead? (Select THREE.)

AEnable Amazon Macie. Run an on-demand sensitive data discovery job that uses the PERSONALJNFORMATION managed data identifier.

BUse AWS Glue with the Detect Pll transform to identify sensitive data and to mask the sensitive data.

CEnable AWS Audit Manager. Create an assessment by using a supported framework.

DEnable Amazon GuardDuty S3 Protection Document any findings that are related to suspicious access of S3 buckets.

EEnable AWS Security Hub. Use the AWS Foundational Security Best Practices standard. Review the controls dashboard for evidence of failed S3 Block Public Access controls.

FEnable AWS Config Set up the s3-bucket-public-write-prohibited AWS Config managed rule.

Show Suggested Answer

Suggested Answer: A, E, F

by Jordan at Mar 06, 2025, 01:26 AM

Limited Time Offer

25%

1 months ago

I think we should enable Amazon Macie to identify personal health information in S3 buckets.

upvoted 0 times

...