When preparing for a compliance assessment of your system built inside of AWS, what are three best practices for you to prepare for an audit?
Choose 3 answers
A. Gather evidence of your IT operational controls
B. Request and obtain applicable third-party audited AWS compliance reports and certifications
C. Request and obtain a compliance and security tour of an AWS data center for a pre-assessment security review
D. Request and obtain approval from AWS to perform relevant network scans and in-depth penetration tests of your system’s instances and endpoints
E. Schedule meetings with AWS’s third-party auditors to provide evidence of AWS compliance that maps to your control objectives
B, D, E
It says “prepare for an audit.” ABD should be the best choices to my understanding.
A,B,D
B, D, E
A – It doesn’t make sense because the infrastructure is related to AWS. IT operations costs do not pertain to AWS itself.
C – It is not possible; AWS clearly stated that they can provide the evidence about the data center compliance documents.
B, D, E
A, B, D
A,B,D
A – Even if the systems are built in AWS, the operation team still needs a solid IT Operation Control to make sure everything is good.
ABD
ABD
ABD, Joe said it perfectly, AWS is a shared responsibility model so you still need proper IT Operation governance and control.
ABD
ABD
Alpha
Baker
Delta
C is absolutely wrong because “tours” of the data center are never allowed.
E is wrong because you can obtain these compliance reports from AWS.
The relevant document is:
http://d0.awsstatic.com/whitepapers/Security/AWS%20Security%20Whitepaper.pdf
ABD
ABD seems fine.
E is wrong because you don’t need to set up meetings; all this information is available in documents.
… Preparing for an audit, not meeting with the auditors – E is not the thing to do under the context of the question.