Detecting Users' Personal Credit Card Numbers from Amazon S3
Question
Which of the following security services can be used to detect users' personal credit card numbers from data stored in Amazon S3?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - A.
Amazon Macie is a managed security service which can be used to detect personally identifiable information (PII) such as names, password, Credit card numbers from large amounts of data stored in Amazon S3 bucket.
Option B is incorrect as Amazon GuardDuty is used to identify threats by analyzing events from AWS CloudTrail, VPC Flow Logs, and DNS Logs.
It cannot be used to detect PII from data stored in the Amazon S3 bucket.
Option C is incorrect as Amazon Inspector can analyze potential security threats for an Amazon EC2 instance against an assessment template with predefined rules.
Option D is incorrect as AWS Shield provides protection against DDOS attacks.
For more information on Amazon Macie, refer to the following URLs:
https://aws.amazon.com/macie/features/The correct answer is A. Amazon Macie.
Amazon Macie is a security service provided by AWS that uses machine learning and pattern matching to automatically discover, classify, and protect sensitive data stored in Amazon S3. Macie can detect various types of sensitive data, such as credit card numbers, social security numbers, and personally identifiable information (PII).
Macie can help you to understand your data better, manage your data security, and comply with data protection regulations. It works by continuously monitoring the data stored in S3 buckets, identifying sensitive data, and assigning a risk score to each piece of data based on its sensitivity and exposure.
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior in your AWS account. It does not specifically focus on detecting sensitive data in S3 buckets.
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It does not specifically focus on detecting sensitive data in S3 buckets.
AWS Shield is a managed service that provides protection against DDoS attacks on web applications running on AWS. It does not specifically focus on detecting sensitive data in S3 buckets.
Therefore, the correct answer is Amazon Macie.
