AWS Certified Security – Specialty (SCS-C02) — Question 178
A company wants to receive automated email notifications when AWS access keys from developer AWS accounts are detected on code repository sites.
Which solution will provide the required email notifications?
Answer options
- A. Create an Amazon EventBridge rule to send Amazon Simple Notification Service (Amazon SNS) email notifications for Amazon GuardDuty UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration.OutsideAWS findings.
- B. Change the AWS account contact information for the Operations type to a separate email address. Periodically poll this email address for notifications.
- C. Create an Amazon EventBridge rule that reacts to AWS Health events that have a value of Risk for the service category. Configure email notifications by using Amazon Simple Notification Service (Amazon SNS).
- D. Implement new anomaly detection software. Ingest AWS CloudTrail logs. Configure monitoring for ConsoleLogin events in the AWS Management Console. Configure email notifications from the anomaly detection software.
Correct answer: A
Explanation
Option A is correct because it directly addresses the requirement for automated email notifications based on specific Amazon GuardDuty findings related to access keys. The other options either do not specifically target the detection of AWS access keys on code repository sites or rely on less effective methods for notification.