New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. SCS-C02 Discussions
  6. SCS-C02 Exam Topic 10 Question 97 Discussion

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 97 Topic 10 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 97 Topic 10 Discussion

SCS-C02 Exam Topic 10 Question 97 Discussion:
Question #: 97
Topic #: 10

A company is migrating its Amazon EC2 based applications to use Instance Metadata Service Version 2 (IMDSv2). A security engineer needs to determine whether any of the EC2 instances are still using Instance Metadata Service Version 1 (IMDSv1).

What should the security engineer do to confirm that the IMDSv1 endpoint is no longer being used?
A.

Configure logging on the Amazon CloudWatch agent for IMDSv1 as part of EC2 instance startup. Create a metric filter and a CloudWatch dashboard. Track the metric in the dashboard.

B.

Create an Amazon CloudWatch dashboard Verify that the EC2MetadataNoToken metric is zero across all EC2 instances. Monitor the dashboard.

C.

Create a security group that blocks access to HTTP for the IMDSv1 endpoint Attach the security group to all EC2 instances.

D.

Configure user data scripts for all EC2 instances to send logging information to AWS CloudTrail when IMDSv1 is used Create a metric filter and an Amazon CloudWatch dashboard Track the metric in the dashboard.

Get Premium SCS-C02 Questions
Actual exam question for Amazon Web Services SCS-C02 exam by Cyra607 at Nov 16, 2025, 10:29:40 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next