🔥 3-day streak
AWS Certified DevOps Engineer - Professional189 / 204
Question 189 of 204
A financial services company aggregates Security Hub findings across 40 member accounts into a delegated administrator account. Compliance requires that any finding tagged with a specific approved-exception resource tag (indicating a documented risk acceptance) be automatically set to a SUPPRESSED workflow status and have its severity lowered, without an engineer manually editing each finding. The team wants this to apply consistently to all current and future matching findings across the organization using a native Security Hub feature. What should the DevOps engineer implement?
Reviewed for accuracy · Report an issueNext question