AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
A security engineer aims to utilize Amazon Simple Notification Service (Amazon SNS) for sending email alerts to the company's security team regarding Amazon GuardDuty findings of High severity. Additionally, the engineer seeks to forward these findings to a visualization tool for detailed analysis. Which of the following AWS service configurations would effectively fulfill these dual objectives?
Explanation:
Option D is the correct answer as it correctly configures Amazon GuardDuty to send notifications through Amazon EventBridge with two targets. GuardDuty findings are streamed through Amazon Kinesis Data Streams into an Amazon OpenSearch Service domain for further analysis and visualization using Amazon QuickSight. Additionally, email alerts for High severity findings are delivered to the security team by configuring an SNS topic as a second target for EventBridge and using event pattern matching to filter the severity level. This option combines the necessary components to meet both requirements effectively.