Question #948
A company needs to ensure that their data stored in AWS is classified according to regulatory compliance standards. Which AWS service will automatically discover and classify sensitive data?
AWS Config
Amazon Macie
AWS Certificate Manager
AWS CloudTrail
Explanation
Amazon Macie (B) is the correct answer because it uses machine learning and pattern matching to automatically discover, classify, and protect sensitive data stored in AWS (e.g., PII, financial data, or intellectual property). This aligns with regulatory compliance requirements.
Other options are incorrect because:
- AWS Config (A) tracks resource configuration changes but does not classify data.
- AWS Certificate Manager (C) manages SSL/TLS certificates and does not handle data classification.
- AWS CloudTrail (D) logs API activity for auditing but does not classify data.
Key Points: Macie specializes in data classification and protection, making it the best choice for compliance-driven sensitive data discovery.
Answer
The correct answer is: B