A security team needs to ensure its cloud infrastructure consistently adheres to regulatory standards like PCI-DSS and internal security policies. The team requires a method that provides ongoing visibility into its compliance status. Which of the following is the BEST approach to meet this requirement?
Deploying an automated tool that continuously scans configurations and provides real-time compliance alerts.
Scheduling quarterly manual audits of system configurations and access logs to identify non-compliance issues.
Mandating annual security and compliance training for all cloud engineering and operations staff.
Creating a dedicated channel for employees to report potential compliance gaps and suggest policy updates.
Automated compliance tools are the best method for continuous monitoring as they can scan configurations and activities in real-time, providing immediate alerts on non-compliance. This allows for rapid remediation. Quarterly manual audits are periodic, not continuous, and can miss issues that arise between checks. While essential, compliance training is a preventative measure that builds awareness rather than a monitoring function. A feedback channel is a useful process for policy improvement but does not actively monitor the infrastructure for compliance.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are automated compliance monitoring tools?
Open an interactive chat with Bash
How do automated tools differ from manual compliance checks?
Open an interactive chat with Bash
What are some key features to look for in compliance monitoring tools?