Topic 1 Question 80

AWS Certified SysOps Administrator - Associate

Topic 1 Question 80
A SysOps administrator maintains the security and compliance of a company's AWS account. To ensure the company's Amazon EC2 instances are following company policy, a SysOps administrator wants to terminate any EC2 instance that do not contain a department tag. Noncompliant resources must be terminated in near-real time. Which solution will meet these requirements?
- Create an AWS Config rule with the required-tags managed rule to identify noncompliant resources. Configure automatic remediation to run the AWS- TerminateEC2Instance automation document to terminate noncompliant resources.
- Create a new Amazon EventBridge (Amazon CloudWatch Events) rule to monitor when new EC2 instances are created. Send the event to a Simple Notification Service (Amazon SNS) topic for automatic remediation.
- Ensure all users who can create EC2 instances also have the permissions to use the ec2:CreateTags and ec2:DescribeTags actions. Change the instance's shutdown behavior to terminate.
- Ensure AWS Systems Manager Compliance is configured to manage the EC2 instances. Call the AWS-StopEC2Instances automation document to stop noncompliant resources.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: A
  vote for A. https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html
  
  👍 4
  kati2k22cz2022/09/03
- 正解だと思う選択肢: A
  A. Config.
  
  👍 2
  Surferbolt2022/10/15
- 正解だと思う選択肢: A
  aaaaaaa
  
  👍 2
  michaldavid2022/12/09
シャッフルモード

ユーザの投票

コメント(4)