AWS Certified Security – Specialty — Question 63
For compliance reasons, an organization limits the use of resources to three specific AWS regions. It wants to be alerted when any resources are launched in unapproved regions.
Which of the following approaches will provide alerts on any resources launched in an unapproved region?
Answer options
- A. Develop an alerting mechanism based on processing AWS CloudTrail logs.
- B. Monitor Amazon S3 Event Notifications for objects stored in buckets in unapproved regions.
- C. Analyze Amazon CloudWatch Logs for activities in unapproved regions.
- D. Use AWS Trusted Advisor to alert on all resources being created.
Correct answer: A
Explanation
Option A is correct because AWS CloudTrail logs all API calls, so the organization can set up alerts for any resources launched outside the approved regions. Options B and C monitor only specific events or logs and do not provide comprehensive alerts for all resource launches. Option D is incorrect because AWS Trusted Advisor does not provide real-time alerts for resources created in unapproved regions.
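An added example, not part of the original question: one way to implement the alerting in option A by filtering CloudTrail records on their `awsRegion` field. The approved-region list, the event-name prefix fallback, and the sample records are assumptions constructed for illustration.

```python
import json

# Assumption: placeholder allowlist; the question does not name the three regions.
APPROVED_REGIONS = {"us-east-1", "us-west-2", "eu-west-1"}
# Assumption: fallback heuristic for records that carry no readOnly flag.
READ_PREFIXES = ("Describe", "List", "Get")

# Constructed sample in the CloudTrail log-file layout: {"Records": [...]}.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "us-east-1", "readOnly": False},
    {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "ap-southeast-1", "readOnly": False},
    {"eventTime": "2024-01-01T10:06:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "awsRegion": "ap-southeast-1", "readOnly": True},
    {"eventTime": "2024-01-01T10:07:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "CreateBucket", "awsRegion": "sa-east-1", "readOnly": False,
     "errorCode": "AccessDenied"},
    {"eventTime": "2024-01-01T10:08:00Z", "eventSource": "rds.amazonaws.com",
     "eventName": "CreateDBInstance", "awsRegion": "eu-central-1"},
]})

def is_write_event(rec):
    """Trust the readOnly flag when present; otherwise judge by event name."""
    if "readOnly" in rec:
        return not rec["readOnly"]
    return not rec.get("eventName", "").startswith(READ_PREFIXES)

def unapproved_region_alerts(log_text, approved=APPROVED_REGIONS):
    """Return one alert per successful write call made outside the allowlist."""
    alerts = []
    for rec in json.loads(log_text).get("Records", []):
        region = rec.get("awsRegion")
        if region in approved or not is_write_event(rec):
            continue
        if "errorCode" in rec:  # the call failed, so nothing was launched
            continue
        alerts.append({"time": rec.get("eventTime"), "region": region,
                       "service": rec.get("eventSource"),
                       "action": rec.get("eventName")})
    return alerts

if __name__ == "__main__":
    for alert in unapproved_region_alerts(SAMPLE_LOG):
        print("ALERT unapproved region:", json.dumps(alert))
```
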