The Security team has decided that there will be no public internet access to HTTP (TCP port 80) because it is moving to HTTPS for all incoming web traffic. The team has asked a SysOps Administrator to provide a report on any security groups that are not compliant. What should the SysOps Administrator do to provide near real-time compliance reporting?

Topic #: - All AWS-SysOps Questions

A. Enable AWS Trusted Advisor and show the Security team that the Security Groups unrestricted access check will alarm.
B. Schedule an AWS Lambda function to run hourly to scan and evaluate all security groups, and send a report to the Security team.
C. Use AWS Config to enable the restricted-common-ports rule, and add port 80 to the parameters.
D. Use Amazon Inspector to evaluate the security groups during scans, and send the completed reports to the Security team.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Reference Material:

Suggested Answer:

Reference Material:

Share this post

Join the Discussion