Practice Test 4 | AWS Certified Cloud Practitioner | CLF-C01 | Dumps | Mock Test
AWS well architected framework recommends central management of all AWS Accounts from a security standpoint. What helps me to configure services and resources centrally?
A. AWS Config
B. AWS Organizations
C. AWS Inspector
D. All the above
Correct Answer: B
- Option A is incorrect. AWS Config works with rules. An Organization may have defined various compliance rules for various AWS services. These rules can be defined in AWS Config and data aggregated centrally for measuring compliance.
- Option B is CORRECT. AWS Organizations helps configure policies related to different services centrally. Also known as Service Control Policies (SCP), they can be defined for your entire Organization. As an example if you have configured a central logging of all API calls using CloudTrail, member accounts cannot override that policy using IAM policies.
- Option C is incorrect. AWS Inspector automates DevSecOps in the cloud by detecting security vulnerabilities in EC2 workloads.
- Option D is incorrect. Only AWS Organizations have the ability to provide a central management of all my AWS accounts.
Reference:
Comments are closed, but trackbacks and pingbacks are open.