🔥 3-day streak
AWS Certified Security - Specialty18 / 157
Question 18 of 157
A security governance team must continuously evaluate all member accounts in an AWS Organization against a well-defined internal baseline of 40 specific resource configuration rules (e.g., required EBS encryption, mandatory tags, prohibited public RDS instances). They want the entire ruleset deployed and version-controlled as a single, reusable YAML artifact that includes automatic remediation actions, and they want the same package applied uniformly across all accounts via the delegated administrator. Which approach best meets these requirements?
Reviewed for accuracy · Report an issueNext question