CrowdStrike CCCS-203b Exam - Topic 6 Question 1 Discussion
What is needed to achieve visibility into the latest AWS IAM 1020 restricted use of AWS CloudShell with the latest CIS Foundations Benchmarks for AWS, Azure, and Google Cloud?
D) Leverage existing IOM policy
Visibility into AWS IAM controls, including restricted use of AWS CloudShell (CIS IAM 1.20), is provided through CrowdStrike Falcon Cloud Security posture management using Indicators of Misconfiguration (IOMs). These checks continuously evaluate cloud resources against industry-standard benchmarks, including the CIS Foundations Benchmarks for AWS, Azure, and Google Cloud.
CrowdStrike maintains prebuilt, managed IOM policies that are automatically updated to reflect the latest CIS guidance. Leveraging existing IOM policies ensures immediate coverage without the operational risk or overhead of creating and maintaining custom rules. These policies assess IAM configurations, permissions usage, service access controls, and policy enforcement related to CloudShell usage.
IOAs are designed for runtime behavioral detections and are not suitable for posture or configuration validation. Creating custom IOMs is unnecessary for CIS-aligned controls because CrowdStrike already provides validated, benchmark-mapped policies maintained by CrowdStrike security research.
Therefore, leveraging existing IOM policies is the correct and recommended approach to maintain continuous, benchmark-aligned visibility across multi-cloud environments.
A) Leverage existing IOA policy
B) Create custom IOA policy
C) Create custom IOM policy
Graham
2 days agoToi
7 days agoGlendora
12 days agoVi
2 months agoMarge
2 months agoLeslie
2 months agoJackie
2 months agoAleta
3 months agoJolene
3 months agoRodney
3 months agoGlenn
3 months agoSanjuana
3 months agoDesmond
3 months agoLorenza
4 months agoLatosha
4 months agoTy
5 months agoErasmo
5 months agoMel
5 months agoKimbery
5 months agoNickolas
5 months agoMeaghan
5 months agoIsreal
6 months ago