AWS Macie: Data Sources and Key Features

AWS Macie: Data Sources and Key Features

Prev Question Next Question

Question

Your team investigates existing AWS tools to help them better understand where and how the sensitive information is stored and accessed in AWS.

You found that AWS Macie can meet the need as it uses machine learning to analyze, classify and protect data.

It also provides a dashboard to show several key interest points, such as high-risk S3 objects and total user sessions.

Which AWS services are the data sources for AWS Macie? (Select TWO.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

Correct Answer - B, C.

Amazon Macie uses machine learning to protect data stored in Amazon S3

About the introduction for AWS Macie, please refer to https://docs.aws.amazon.com/macie/latest/userguide/macie-concepts.html.

Option B is CORRECT: Because AWS CloudTrail is the data source for AWS Macie.

The history of AWS API calls in CloudTrail via AWS Console, SDKs, CLI, and higher-level AWS services are provided to AWS Macie for the following analysis.

Option C is CORRECT: Because when AWS Macie is being configured, S3 buckets can be selected and its objects will be classified and monitored.

Options A, D, E are incorrect: Refer to the above explanations.

AWS Macie is an AWS security service that uses machine learning to automatically discover, classify, and protect sensitive data stored in AWS. It provides a comprehensive view of the sensitive data within the AWS environment by analyzing the data access patterns, user behavior, and network traffic.

The data sources for AWS Macie are the following:

  1. Amazon S3 Bucket: AWS Macie analyzes the content of S3 buckets to discover sensitive data. It can detect sensitive data such as credit card numbers, social security numbers, and other personally identifiable information (PII). Once sensitive data is detected, Macie provides alerts and notifications, and it can also apply classification labels to the data objects.

  2. AWS CloudTrail: AWS Macie analyzes CloudTrail logs to gain insights into user activity and changes made to AWS resources. CloudTrail provides a record of all AWS API calls made by users, so Macie can identify potential security risks such as unusual user activity or unauthorized changes to AWS resources.

Therefore, the correct answers are B (AWS CloudTrail) and C (Amazon S3 bucket). AWS CloudWatch is a monitoring service, and AWS Config provides a detailed inventory of AWS resources and their configuration history. AWS EBS volumes are storage devices used with EC2 instances, and they are not a data source for AWS Macie.