Become Amazon Certified with updated SCS-C02 exam questions and correct answers
A company uses a third-party identity provider and SAML-based SSO for its AWS accounts. After the
third-party identity provider renewed an expired signing certificate, users saw the following message when
trying to log in:
Error: Response Signature Invalid (Service: AWSSecurityTokenService; Status Code: 400; Error Code:
InvalidldentityToken)
A security engineer needs to provide a solution that corrects the error and min-imizes operational overhead.
Which solution meets these requirements?
A company is using AWS CloudTrail is being used to monitor API calls. An audit revealed that CloudTrail is failing to deliver events to Amazon S3 as expected. A security engineer is attempting to resolve the issue. What initial actions should be taken to allow delivery of CloudTrail events to S3? (Select TWO.)
A security engineer has created an Amazon GuardDuty detector in several AWS accounts. The accounts are in an organization in AWS Organizations. The security engineer needs centralized visibility of the security findings from the detectors.
A company wants to start processing sensitive data on Amazon EC2 instances. The company will use Amazon CloudWatch Logs to monitor, store, and access log files from the EC2 instances. The company's developers use CloudWatch Logs for troubleshooting. A security engineer must implement a solution that prevents the developers from viewing the sensitive data The solution must automatically apply to any new log groups that are created in the account in the future. Which solution will meet these requirements?
© Copyrights DumpsCertify 2025. All Rights Reserved
We use cookies to ensure your best experience. So we hope you are happy to receive all cookies on the DumpsCertify.