A financial firm is adopting a cloud infrastructure and needs to ensure that their storage services are monitored for governance adherence. They require a tool that not just records the configurations but also evaluates them against established regulatory standards. Which tool should they implement to automate this compliance check and alert them of discrepancies?
The correct service for the given scenario is AWS Config, as it enables continuous monitoring, recording, and assessment of resource configurations against compliance standards. It helps in identifying non-compliant resources and can trigger alerts when a resource falls out of compliance. On the other hand, AWS CloudTrail is focused on logging API calls and user activity across an account, which is ideal for auditing but does not continuously evaluate configurations against compliance standards. Amazon Inspector is designed for automated security assessments of applications and does not specialize in compliance monitoring of resource configurations. Amazon GuardDuty offers threat detection and continuous monitoring for malicious or unauthorized behavior but does not assess compliance against regulatory standards.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS Config and how does it work?
Open an interactive chat with Bash
What are the benefits of using AWS Config for compliance monitoring?
Open an interactive chat with Bash
What is the difference between AWS Config and AWS CloudTrail?
Open an interactive chat with Bash
AWS Cloud Practitioner CLF-C02
Security and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access