AWS Cloud Practitioner Exam Question: Misuploaded Credit Card Information Detection and Report

Misuploaded Credit Card Information Detection and Report

Question

An administrator receives an alert and detailed report regarding credit card information that has been erroneously uploaded by a user into one of the S3 buckets during an online questionnaire exercise for a survey.

Which AWS service provided this detection and report?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: D.

Amazon Macie is a fully managed AWS service that provides data security and privacy using machine learning algorithms, artificial intelligence and pattern matching.

These mechanisms detect, discover, monitor, report and protect sensitive data stored in Amazon Simple Storage Service (Amazon S3)

Macie can detect and alert sensitive data, such as bank credit card information.

https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html

Option A is INCORRECT because Amazon Inspector does not assess actual data stored in S3

It primarily assesses applications for exposure and vulnerability.

Option B is INCORRECT because Amazon EventBridge does not perform the function of detecting sensitive data.

Option C is INCORRECT because primarily relevant in establishing the root cause of security incidencies or suspicious activities within the AWS environment.

The AWS service that is likely to have provided the detection and report for credit card information erroneously uploaded into an S3 bucket is Amazon Macie.

Amazon Macie is a managed service that uses machine learning and pattern matching to automatically discover, classify, and protect sensitive data in AWS. It provides a comprehensive view of data access activity for security and compliance purposes, and it can detect and alert on anomalous activity related to sensitive data, such as unauthorized access, unusual data access patterns, and sensitive data being moved or deleted.

In this scenario, the credit card information uploaded into the S3 bucket would likely be classified as sensitive data by Amazon Macie, and it would have triggered an alert and a detailed report to the administrator based on its detection capabilities. Amazon Macie provides several pre-configured policies that detect common types of sensitive data, including credit card numbers, and it can also be configured to create custom policies to meet specific needs.

Amazon Inspector is a service that analyzes the behavior of AWS resources and applications to identify potential security issues. It does not have specific capabilities to detect sensitive data in S3 buckets.

Amazon EventBridge is a serverless event bus service that makes it easy to build event-driven applications at scale. It does not have specific capabilities to detect sensitive data in S3 buckets.

Amazon Detective is a service that analyzes and visualizes data from AWS resources and applications to identify the root cause of security issues. It does not have specific capabilities to detect sensitive data in S3 buckets.