AWS Certified SysOps Administrator – Associate (legacy) — Question 61

When preparing for a compliance assessment of your system built inside of AWS. what are three best-practices for you to prepare for an audit? (Choose three.)

Answer options

• A. Gather evidence of your IT operational controls
• B. Request and obtain applicable third-party audited AWS compliance reports and certifications
• C. Request and obtain a compliance and security tour of an AWS data center for a pre-assessment security review
• D. Request and obtain approval from AWS to perform relevant network scans and in-depth penetration tests of your system's Instances and endpoints
• E. Schedule meetings with AWS's third-party auditors to provide evidence of AWS compliance that maps to your control objectives

Correct answer: A, B, D

Explanation

The correct answers A, B, and D are vital for ensuring that your system meets compliance standards, as they focus on gathering necessary evidence and permissions for audits. Option C is less effective since a tour does not directly provide compliance evidence, and option E, while useful, does not directly help in preparing the system itself for an audit.