Complete the code to enable AWS Security Hub in a specific region.
aws securityhub [1] --region us-east-1
The correct command to enable Security Hub is enable-security-hub. This activates Security Hub in the specified region.
Complete the code to list all findings in AWS Security Hub.
aws securityhub [1] --region us-west-2
The correct command to retrieve findings is get-findings. It returns the security findings detected by Security Hub.
Fix the error in the command to disable Security Hub.
aws securityhub [1] --region eu-central-1
The correct command to disable Security Hub is disable-security-hub. Other options are invalid commands.
Fill both blanks to filter Security Hub findings by severity and resource type.
aws securityhub get-findings --filters SeverityLabel={Eq=[1],ResourceType={Eq=[2] --region us-east-2SeverityLabel should be set to CRITICAL to filter high severity findings. ResourceType should be AwsEc2Instance to filter findings related to EC2 instances.
Fill all three blanks to create a custom action in Security Hub.
aws securityhub create-action-target --name [1] --description [2] --identifier [3] --region ap-southeast-1
The --name is a short identifier like "NotifyTeam". The --description explains the action purpose. The --identifier is a unique string identifier like "NotifyTeamAction".