SCS-C01 (Page 12)

A security alert has been raised for an Amazon EC2 instance in a customer account that is exhibiting strange behavior.The Security Engineer must first isolate theEC2 instance and then use tools for further investigation.What should the Security Engineer use to isolate and research this event? (Choose three.)Read More →

An application has been built with Amazon EC2 instances that retrieve messages from Amazon SQS.Recently, IAM changes were made and the instances can no longer retrieve messages.What actions should be taken to troubleshoot the issue while maintaining least privilege? (Choose two.)Read More →

A Security Analyst attempted to troubleshoot the monitoring of suspicious security group changes.The Analyst was told that there is an Amazon CloudWatch alarm in place for these AWS CloudTrail log events.The Analyst tested the monitoring setup by making a configuration change to the security group but did not receive any alerts.Which of the following troubleshooting steps should the Analyst perform?Read More →

AWS CloudTrail is being used to monitor API calls in an organization.An audit revealed that CloudTrail is failing to deliver events to Amazon S3 as expected.What initial actions should be taken to allow delivery of CloudTrail events to S3? (Choose two.)Read More →

A Security Engineer must design a system that can detect whether a file on an Amazon EC2 host has been modified.The system must then alert the SecurityEngineer of the modification.What is the MOST efficient way to meet these requirements?Read More →

A Security Engineer is implementing a solution to allow users to seamlessly encrypt Amazon S3 objects without having to touch the keys directly.The solution must be highly scalable without requiring continual management.Additionally, the organization must be able to immediately delete the encryption keys.Which solution meets these requirements?Read More →

A company’s security policy requires that VPC Flow Logs are enabled on all VPCs.A Security Engineer is looking to automate the process of auditing the VPC resources for compliance.What combination of actions should the Engineer take? (Choose two.)Read More →

A security team is using Amazon EC2 Image Builder to build a hardened AMI with forensic capabilities.An AWS Key Management Service (AWS KMS) key will encrypt the forensic AMI.EC2 Image Builder successfully installs the required patches and packages in the security team’s AWS account.The security team uses a federated IAM role in the same AWS account to sign in to the AWS Management Console and attempts to launch the forensic AMI.The EC2 instance launches and immediately terminates.What should the security team do to launch the EC2 instance successfully?Read More →

A company has identified two security concerns.One concern is unencrypted Amazon Elastic Block Store (Amazon EBS) volumes.The other concern is public IP addresses that are assigned to Amazon EC2 instances.A security engineer must build a solution to prevent and remediate these security issues.What should the security engineer do to meet these requirements with the LEAST amount of effort?Read More →

A Security Engineer has discovered that, although encryption was enabled on the Amazon S3 bucket examplebucket, anyone who has access to the bucket has the ability to retrieve the files.The Engineer wants to limit access to each IAM user can access an assigned folder only.What should the Security Engineer do to achieve this?Read More →