AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
A company requires a solution to automatically notify its security team whenever an AWS access key has not been rotated for 90 days or more. The solution should require the least amount of effort to implement. Which of the following solutions would achieve this requirement?
A company requires a solution to automatically notify its security team whenever an AWS access key has not been rotated for 90 days or more. The solution should require the least amount of effort to implement. Which of the following solutions would achieve this requirement?
Explanation:
The correct answer is A. This solution leverages AWS Config managed rules to check for non-compliant access keys without manual scripting. By setting up the managed rule to run daily and configuring an Amazon EventBridge rule to listen for NON_COMPLIANT findings, notifications are automatically sent via Amazon SNS to the security team. This approach minimizes the effort required since it uses built-in AWS services and managed rules, avoiding the need for custom scripts or complex configurations.