| Exam Name: | AWS Certified Security – Specialty | ||
| Exam Code: | SCS-C03 Dumps | ||
| Vendor: | Amazon Web Services | Certification: | AWS Certified Specialty |
| Questions: | 231 Q&A's | Shared By: | aida |
A security engineer needs to build a solution to turn AWS CloudTrail back on in multiple AWS Regions in case it is ever turned off.
What is the MOST efficient way to implement this solution?
A company ' s data scientists want to create artificial intelligence and machine learning (AI/ML) training models by using Amazon SageMaker. The training models will use large datasets in an Amazon S3 bucket. The datasets contain sensitive information.
On average, the data scientists need 30 days to train models. The S3 bucket has been secured appropriately. The company ' s data retention policy states that all data that is older than 45 days must be removed from the S3 bucket.
Which action should a security engineer take to enforce this data retention policy?
A company is running a new workload across accounts that are in an organization in AWS Organizations. All running resources must have a tag ofCostCenter, and the tag must have one of three approved values. The company must enforce this policy and must prevent any changes of the CostCenter tag to a non-approved value.
Which solution will meet these requirements?
A security engineer discovers that a company ' s user passwords have no required minimum length. The company uses the following identity providers (IdPs):
• AWS Identity and Access Management (IAM) federated with on-premises Active Directory
• Amazon Cognito user pools that contain the user database for an AWS Cloud application
Which combination of actions should the security engineer take to implement a required minimum password length? (Select TWO.)