You have been asked to use AWS Audit Manager to collect and organize evidence of compliance with a specific security policy. Describe the steps you would take to set up and use Audit Manager for this purpose, and provide an example of a security policy that could be assessed using this tool.

Simulated

Create an Audit Manager assessment, define the scope and controls, and then use AWS Config rules to automatically collect evidence. Example: A security policy requiring all EC2 instances to have disk encryption enabled.

0.0%

Create an Audit Manager assessment, define the scope and controls, and then manually review AWS resources to collect evidence. Example: A security policy requiring all RDS instances to be in a specific VPC.

33.3%

Create an Audit Manager assessment, define the scope and controls, and then use AWS Security Hub to automatically collect evidence. Example: A security policy requiring all S3 buckets to have server-side encryption enabled.

66.7%

Create an Audit Manager assessment, define the scope and controls, and then use AWS CloudTrail to automatically collect evidence. Example: A security policy requiring all Lambda functions to have a specific set of IAM permissions.

0.0%

AWS Certified Security - Specialty

Get started today

Comments

You have been asked to use AWS Audit Manager to collect and organize evidence of compliance with a specific security policy. Describe the steps you would take to set up and use Audit Manager for this purpose, and provide an example of a security policy that could be assessed using this tool.