AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
A security engineer aims to utilize Amazon Simple Notification Service (Amazon SNS) for sending email alerts to the company's security team regarding Amazon GuardDuty findings of High severity. Additionally, the engineer seeks to forward these findings to a visualization tool for detailed analysis. Which of the following AWS service configurations would effectively fulfill these dual objectives?
A
Configure GuardDuty to notify an Amazon CloudWatch alarm with two targets. Stream findings via Amazon Kinesis Data Streams into an Amazon OpenSearch Service domain from CloudWatch. Visualize with Amazon QuickSight and analyze with OpenSearch queries. Set up an SNS topic as the second target for email alerts via CloudWatch, filtering High severity findings with an Amazon EventBridge event rule.
B
Set up GuardDuty to notify AWS CloudTrail with two targets. Stream findings through Amazon Kinesis Data Firehose into an Amazon OpenSearch Service domain from CloudTrail. Visualize with OpenSearch Dashboards and analyze with OpenSearch queries. Configure an SNS topic as the second target for email alerts via CloudTrail, filtering High severity findings with a CloudTrail event rule.
C
Configure GuardDuty to notify Amazon EventBridge with two targets. Stream findings via Amazon Kinesis Data Firehose into an Amazon OpenSearch Service domain from EventBridge. Visualize with OpenSearch Dashboards and analyze with OpenSearch queries. Set up an SNS topic as the second target for email alerts via EventBridge, filtering High severity findings with an EventBridge event rule.
D
Set up GuardDuty to notify Amazon EventBridge with two targets. Stream findings through Amazon Kinesis Data Streams into an Amazon OpenSearch Service domain from EventBridge. Visualize with Amazon QuickSight and analyze with OpenSearch queries. Configure an SNS topic as the second target for email alerts via EventBridge, filtering High severity findings with an EventBridge event rule.