Question #756
A company is preparing for a regulatory audit and needs to provide AWS compliance documentation. What is the most efficient method to access these documents?
Submit a request to the AWS Security team.
Retrieve the documents from AWS Artifact.
Use AWS Config to generate compliance reports.
Export the reports via AWS Security Hub.
Explanation
The correct answer is B because AWS Artifact is specifically designed to provide on-demand access to AWS compliance reports, such as SOC, PCI DSS, ISO, and other certifications. These documents are essential for regulatory audits and are readily available through AWS Artifact without requiring manual requests or custom report generation.
Why other options are incorrect:
- A: Submitting a request to the AWS Security team is unnecessary because compliance documents are self-service via AWS Artifact.
- C: AWS Config tracks resource configuration compliance but does not provide pre-built regulatory reports.
- D: AWS Security Hub aggregates security findings but does not host compliance documentation.
Key Points:
- AWS Artifact is the centralized repository for compliance reports.
- Compliance documents are available instantly, reducing delays for audits.
- Other services like AWS Config or Security Hub focus on operational or security compliance, not regulatory documentation.
Answer
The correct answer is: B