Topic 1 Question 62
A company purchased a subscription to a third-party cloud security scanning solution that integrates with AWS Security Hub. A security engineer needs to implement a solution that will remediate the findings from the third-party scanning solution automatically. Which solution will meet this requirement?
Set up an Amazon EventBridge rule that reacts to new Security Hub findings. Configure an AWS Lambda function as the target for the rule to remediate the findings.
Set up a custom action in Security Hub. Configure the custom action to call AWS Systems Manager Automation runbooks to remediate the findings.
Set up a custom action in Security Hub. Configure an AWS Lambda function as the target for the custom action to remediate the findings.
Set up AWS Config rules to use AWS Systems Manager Automation runbooks to remediate the findings.
ユーザの投票
コメント(9)
- 正解だと思う選択肢: A👍 8100fold2023/10/18
- 正解だと思う選択肢: A
Another tricking question. EventBridge integrates with SecurityHub in 3 different ways..
- All findings (SH Imported)
- Findings for custom actions (SH Custom Actions)
- Insights for custom actions (SH Insights) (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-cwe-integration-types.html)
You do not always need custom actions for EB integration, and to automatically remediate findings as in this scenario, 1st type of integration is required.
Answer is A.
👍 5Raphaello2024/02/20 - 正解だと思う選択肢: B
Verty tricky one. A,B and C can all be implemented. and we havent asked for easy,quickly or something like that a solution. so reason for not picking others
A:- could also be used but would require additional steps to configure rules to route findings from this specific third-party source to the appropriate target. Custom actions provide a native option within Security Hub.
C:- identical to B. same reasoning that Custom actions provide a native option within Security Hub.
to be honest i could go for any out of these three. even though i chose B. Arghhhh
👍 4yorkicurke2023/12/24
シャッフルモード