
Answer-first summary for fast verification
Answer: Record the current state of network resources by using AWS Config. Create rules that reflect the desired configuration settings. Set remediation for noncompliant resources.
To meet the requirements of monitoring changes to network resources, ensuring compliance with network security policies, and having access to historical configurations, the best solution is to use AWS Config. AWS Config provides a detailed view of the configuration of AWS resources in your account, including how resources are related to one another and how they were configured in the past. This allows you to track changes and assess compliance with your desired configurations. AWS Config also enables you to create rules that automatically check the configuration of AWS resources against desired settings and can trigger remediation actions for noncompliant resources.
Option C is the correct answer because it directly addresses the need for monitoring changes, ensuring compliance, and accessing historical configurations.
Options A and B involve using Amazon EventBridge and custom metrics from Amazon CloudWatch Logs, which do not inherently provide the comprehensive configuration tracking and compliance management capabilities of AWS Config. Option D suggests using AWS Systems Manager Inventory and State Manager, which are more focused on managing and automating the configuration of instances and applications than on providing a detailed historical view and compliance monitoring of network resources.
Author: LeetQuiz Editorial Team
A company’s network engineer designs and tests VPC network configurations in a development account. The company requires monitoring of changes to network resources, strict adherence to network security policies, and access to historical configurations of network resources.
Which solution will fulfill these requirements?
A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with a custom pattern to monitor the account for changes. Configure the rule to invoke an AWS Lambda function to identify noncompliant resources. Update an Amazon DynamoDB table with the changes that are identified.
B. Create custom metrics from Amazon CloudWatch logs. Use the metrics to invoke an AWS Lambda function to identify noncompliant resources. Update an Amazon DynamoDB table with the changes that are identified.
C. Record the current state of network resources by using AWS Config. Create rules that reflect the desired configuration settings. Set remediation for noncompliant resources.
D. Record the current state of network resources by using AWS Systems Manager Inventory. Use Systems Manager State Manager to enforce the desired configuration settings and to carry out remediation for noncompliant resources.