A healthcare company stores patient records in Amazon S3. The compliance team requires automated discovery and alerting if any Personally Identifiable Information (PII) or Protected Health Information (PHI) is uploaded to the buckets.<br/><br/>Which TWO actions should a solutions architect take to meet this requirement? (Select TWO.)

Answer options:

Enable Amazon Macie and configure it to scan the S3 buckets.

Enable Amazon GuardDuty for the S3 buckets.

Configure Amazon EventBridge to trigger an SNS notification when Macie generates a finding.

Use AWS Config rules to scan S3 object contents.

Enable AWS CloudTrail data events for S3.

How to approach this question

Identify the service designed for data classification in S3.

Full Answer

Amazon Macie is a data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. It integrates with EventBridge for automated alerting.

Common mistakes

Confusing Macie (data classification) with GuardDuty (threat detection).

Question 11 All questions Question 13

Practice the full AWS SAA-C03 Practice Exam 6

65 questions · hints · full answers · grading

More questions from this exam

Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team wants...Medium Q02A company has two AWS accounts: Account A for development and Account B for production. Developer...Medium Q03A mobile application needs to authenticate users using their social media accounts (Facebook, Goo...Easy Q04A company is running an application on Amazon EC2 instances. The application needs to connect to ...Medium Q05A company has 50 AWS accounts managed by AWS Organizations. The IT team wants to implement a cent...Easy

View all 65 questions →