Examtopics

AWS Certified SysOps Administrator - Associate
  • Topic 1 Question 457

    A company that uses ServiceNow has an AWS account where a sensitive workload runs. The necessary security groups are in place. The company needs to implement a solution to create an incident in ServiceNow every time the rules change in any security group.

    Which solution will meet this requirement with the LEAST operational effort?

    • Create an Amazon CloudWatch alarm that enters ALARM state when security groups change. Configure the alarm to invoke an AWS Lambda function that connects to ServiceNow to create an incident.

    • Enable AWS Security Hub. Create an AWS Lambda function that connects to ServiceNow to create an incident. Create an Amazon EventBridge rule to detect security group changes. Configure the event type as Security Hub Findings - Custom Action. Configure the EventBridge rule to invoke the Lambda function.

    • Create an Amazon EventBridge rule to detect security group changes. Configure the event type as AWS API Call via CloudTrail. Configure the EventBridge rule to run the AWS-CreateServiceNowIncident AWS Systems Manager Automation runbook to create an incident in ServiceNow.

    • Launch an Amazon EC2 instance that has a persistent connection to ServiceNow to detect security group changes. Export AWS CloudTrail logs to the EC2 instance. Write a bash script to run a scheduled cron job every 30 minutes to search the CloudTrail logs for security group changes. Configure the EC2 instance to create an incident in ServiceNow when a change is detected.

