A. Ensure that CloudTrail and S3 bucket access logging is enabled for the Analyst’s AWS account. B. Verify that a metric filter was created and then mapped to an alarm. Check the alarm notification action.
B. Check the CloudWatch dashboards to ensure that there is a metric configured with an appropriate dimension for security group changes.
C. Verify that the Analyst’s account is mapped to an IAM policy that includes permissions for cloudwatch: GetMetricStatistics and Cloudwatch: ListMetrics.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.