1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. SCS-C02 Discussions
  6. SCS-C02 Exam Topic 10 Question 97 Discussion

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 97 Topic 10 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 97 Topic 10 Discussion

SCS-C02 Exam Topic 10 Question 97 Discussion:
Question #: 97
Topic #: 10

A security engineer received an Amazon GuardDuty alert indicating a finding involving the Amazon EC2 instance that hosts the company's primary website. The GuardDuty finding read:

UnauthorizedAccess: IAMUser/InstanceCredentialExfiltration.

The security engineer confirmed that a malicious actor used API access keys intended for the EC2 instance from a country where the company does not operate. The security engineer needs to deny access to the malicious actor.

What is the first step the security engineer should take?
A.

Open the EC2 console and remove any security groups that allow inbound traffic from 0.0.0.0/0.

B.

Install the AWS Systems Manager Agent on the EC2 instance and run an inventory report.

C.

Install the Amazon Inspector agent on the host and run an assessment with the CVE rules package.

D.

Open the IAM console and revoke all IAM sessions that are associated with the instance profile.

Get Premium SCS-C02 Questions
Actual exam question for Amazon Web Services SCS-C02 exam by Solis1408 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next