Amazon Web Services Related Exams
SCS-C02 Exam
Key domains include:
Incident Response
Logging and Monitoring
Infrastructure Security
Identity and Access Management
Data Protection
Secure Design and Implementation
The SCS-C02 certification is all about protecting AWS environments—think encryption, access control, threat detection, and compliance. On the other hand, the ANS-C01 certification dives deep into network architecture—including hybrid setups, routing protocols, and secure connectivity.
A company's Chief Security Officer has requested that a Security Analyst review and improve the security posture of each company IAM account The Security Analyst decides to do this by Improving IAM account root user security.
Which actions should the Security Analyst take to meet these requirements? (Select THREE.)
A company that uses AWS Organizations wants to see AWS Security Hub findings for many AWS accounts and AWS Regions. Some of the accounts are in the company's organization, and some accounts are in organizations that the company manages for customers. Although the company can see findings in the Security Hub administrator account for accounts in the company's organization, there are no findings from accounts in other organizations.
Which combination of steps should the company take to see findings from accounts that are outside the organization that includes the Security Hub administrator account? (Select TWO.)
A company needs to retain data that is stored in Amazon CloudWatch Logs log groups The company must retain this data for 90 days. The company must receive notification in AWS Security Hub when log group retention is not compliant with this requirement.
Which solution will provide the appropriate notification?