Answer-first summary for fast verification
Answer: Create an assessment in AWS Audit Manager using either a prebuilt or custom framework. Manually upload evidence from on-premises workloads, incorporate it into the assessment, and generate a report once Audit Manager has gathered all necessary evidence from AWS resources.
The correct answer is A. AWS Audit Manager is specifically designed to help collect, review, and manage evidence required for compliance reporting. It provides prebuilt frameworks and allows for the creation of custom frameworks, making it easy to collect evidence from AWS resources and manually upload evidence from on-premises workloads. This solution ensures that all necessary evidence is systematically managed and can generate comprehensive assessment reports, meeting the company's compliance needs. Options B, C, and D do not offer the same level of specificity and integration with compliance frameworks that Audit Manager provides.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
In a hybrid cloud environment, a company must adhere to stringent compliance standards. The company seeks to compile a comprehensive report that integrates evidence from both its on-premises operations and its AWS resources. A security engineer is responsible for devising a method to systematically gather, assess, and oversee this evidence to ensure compliance with the company's policies. What solution should the engineer implement to effectively fulfill these compliance reporting requirements?
A
Create an assessment in AWS Audit Manager using either a prebuilt or custom framework. Manually upload evidence from on-premises workloads, incorporate it into the assessment, and generate a report once Audit Manager has gathered all necessary evidence from AWS resources.
B
Install the Amazon CloudWatch agent on on-premises workloads. Utilize AWS Config to deploy a conformance pack from a sample template or a custom YAML template. Produce an assessment report after AWS Config has identified any noncompliant workloads or resources.
C
Establish the relevant security standard in AWS Security Hub. Manually upload evidence from on-premises workloads and allow Security Hub to collect evidence from AWS resources. Subsequently, download the list of controls in a .csv file format.
D
Deploy the Amazon CloudWatch agent on on-premises workloads. Develop a CloudWatch dashboard to oversee both on-premises workloads and AWS resources. Execute a query to analyze these workloads and resources, then download the query results.