Certified Security - Specialty


Security Specialty simulator question

In regards to this sample question: How to monitor that all S3 buckets in your account have encryption enabled and auto-remediate any that are not. This is listed as not correct:

"CloudWatch Events rule that triggers an SNS notification when the Lambda Function detects an S3 bucket which is not using server side encryption". Is this not correct because Lambda cannot detect?

But this is correct:

"Create a Lambda function which uses the IAM role to review the S3 bucket settings, correct them and notify your team of out-of-compliance buckets". Is this correct because Lambda is used to review vs detect?

Appreciate any input.

1 Answer

Yes, you would use a CloudWatch Events rule that gets triggered by Config if there's a change in the config/compliance (refer to https://docs.aws.amazon.com/config/latest/developerguide/monitor-config-with-cloudwatchevents.html), then CloudWatch can trigger Lambda to review what Config found out and take action.
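Worked example of the Config -> CloudWatch Events -> Lambda chain the answer describes, added here as illustration; it is not code from the thread or from the course. It assumes the managed Config rule s3-bucket-server-side-encryption-enabled is feeding a CloudWatch Events / EventBridge rule with source aws.config and detail-type "Config Rules Compliance Change". The SNS topic ARN, bucket names and the fake AWS clients at the bottom are constructed so the example runs offline; the real entry point is lambda_handler.

```python
import json

# Added example, not code from the thread or the course. The topic ARN is a
# placeholder (assumption); the sample event and Fake* clients are constructed.
TOPIC_ARN = "arn:aws:sns:us-east-1:123456789012:s3-encryption-alerts"

# Remediation applies SSE-S3. Use "aws:kms" plus KMSMasterKeyID for SSE-KMS.
DEFAULT_RULE = {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}


def parse_config_event(event):
    """Return (bucket, complianceType) from a Config compliance-change event, or None."""
    detail = event.get("detail", {})
    if event.get("source") != "aws.config" or detail.get("resourceType") != "AWS::S3::Bucket":
        return None
    # For AWS::S3::Bucket, Config's resourceId is the bucket name.
    return detail["resourceId"], detail["newEvaluationResult"]["complianceType"]


def has_default_encryption(s3, bucket):
    """True if the bucket has a default SSE rule; a missing config raises
    ClientError code ServerSideEncryptionConfigurationNotFoundError."""
    try:
        cfg = s3.get_bucket_encryption(Bucket=bucket)
    except Exception as exc:  # botocore ClientError exposes .response
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code == "ServerSideEncryptionConfigurationNotFoundError":
            return False
        raise
    rules = cfg["ServerSideEncryptionConfiguration"]["Rules"]
    return any("ApplyServerSideEncryptionByDefault" in r for r in rules)


def review_and_remediate(event, s3, sns):
    """Review the bucket Config flagged, fix it if still unencrypted, notify the team."""
    parsed = parse_config_event(event)
    if parsed is None:
        return {"action": "ignored"}
    bucket, compliance = parsed
    # Re-check live state: Config evaluations can lag a fix someone already made.
    if compliance != "NON_COMPLIANT" or has_default_encryption(s3, bucket):
        return {"bucket": bucket, "action": "already_compliant"}
    s3.put_bucket_encryption(
        Bucket=bucket,
        ServerSideEncryptionConfiguration={"Rules": [DEFAULT_RULE]},
    )
    sns.publish(
        TopicArn=TOPIC_ARN,
        Subject="S3 default encryption enabled by auto-remediation",
        Message=json.dumps({"bucket": bucket, "applied": DEFAULT_RULE}),
    )
    return {"bucket": bucket, "action": "remediated"}


def lambda_handler(event, context):
    """Entry point targeted by the CloudWatch Events / EventBridge rule."""
    import boto3  # imported lazily so the module loads without the SDK
    return review_and_remediate(event, boto3.client("s3"), boto3.client("sns"))


# --- Constructed fakes so the example runs offline -------------------------

class _NoEncryption(Exception):
    """Mimics botocore ClientError for a bucket with no default encryption."""
    response = {"Error": {"Code": "ServerSideEncryptionConfigurationNotFoundError"}}


class FakeS3:
    def __init__(self, encrypted=()):
        self.encryption = {b: "AES256" for b in encrypted}

    def get_bucket_encryption(self, Bucket):
        if Bucket not in self.encryption:
            raise _NoEncryption()
        return {"ServerSideEncryptionConfiguration": {"Rules": [
            {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": self.encryption[Bucket]}}]}}

    def put_bucket_encryption(self, Bucket, ServerSideEncryptionConfiguration):
        rule = ServerSideEncryptionConfiguration["Rules"][0]
        self.encryption[Bucket] = rule["ApplyServerSideEncryptionByDefault"]["SSEAlgorithm"]


class FakeSNS:
    def __init__(self):
        self.published = []

    def publish(self, **kwargs):
        self.published.append(kwargs)
        return {"MessageId": str(len(self.published))}


def sample_event(bucket, compliance="NON_COMPLIANT"):
    """Constructed Config compliance-change event in the documented shape."""
    return {
        "source": "aws.config",
        "detail-type": "Config Rules Compliance Change",
        "detail": {
            "resourceId": bucket,
            "resourceType": "AWS::S3::Bucket",
            "configRuleName": "s3-bucket-server-side-encryption-enabled",
            "messageType": "ComplianceChangeNotification",
            "newEvaluationResult": {"complianceType": compliance},
        },
    }


if __name__ == "__main__":
    s3, sns = FakeS3(), FakeSNS()
    print(review_and_remediate(sample_event("team-logs"), s3, sns))
    print(s3.encryption, len(sns.published))
```

The function's IAM role needs only s3:GetEncryptionConfiguration, s3:PutEncryptionConfiguration and sns:Publish on the one topic; the detection itself stays with Config, which is the distinction the two answer options hinge on.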
