Which of the following is NOT a best practice for carrying out a security audit?

Answer options:

A.Conduct an audit on a yearly basis.
B.Conduct an audit if you`ve added or removed software in your accounts.
C.Conduct an audit if you ever suspect that an unauthorized person might have accessed your account.
D.When there are changes in your organization.

Answer: A
Option A is CORRECT because a year’s time is generally too long a gap for conducting security audits, and it does not meet the AWS recommendations.
Options B, C and D are incorrect as they are the recommended best practices by AWS.
According to the AWS documentation, you should audit your security configuration in the following situations:
On a periodic basis.
If there are changes in your organization, such as people leaving.
If you have stopped using one or more individual AWS services. This is important for removing permissions that users in your account no longer need.
If you`ve added or removed software in your accounts, such as applications on Amazon EC2 instances, AWS OpsWorks stacks, AWS CloudFormation templates, etc.
If you ever suspect that an unauthorized person might have accessed your account.
For more information on Security Audit guideline, please visit the below URL:
https://docs.aws.amazon.com/general/latest/gr/aws-security-audit-guide.html