When preparing for a compliance assessment of your system built inside of AWS. what are three
best-practices for you to prepare for anaudit?
Choose 3 answers
A.
Gather evidence of your IT operational controls
B.
Request and obtain applicable third-party audited AWS compliance reports and certifications
C.
Request and obtain a compliance and security tour of an AWS data center for a preassessment security review
D.
Request and obtain approval from AWS to perform relevant network scans and in-depth
penetration tests of your system’s Instances and endpoints
E.
Schedule meetings with AWS’s third-party auditors to provide evidence of AWS compliance that
maps to your control objectives
A,B and D are answer here.
A,B and D
abd
ABD, I have been doing this for the past 3 years
I agree, E) sounds ridiculous, third-party Authorities would never disclose other client’s operational evidence. It must be ABD
abd
Answer is ABD to pass exam
Ans: A,D & E (http://d0.awsstatic.com/whitepapers/compliance/AWS_Auditing_Security_Checklist.pdf)
A,B and D are answer here. White paper shared doesnt talk about E – (Scheduling meetings with any third party auditors)