Special Offer! 20% OFF on All Certification Exam Questions - Ends In Coupon code: TEL20
Stay ahead with 100% Free AWS Certified Security Specialty SCS-C02 Dumps Practice Questions
A security engineer is investigating a malware infection that has spread across a set of Amazon EC2 instances. A key indicator of the compromise is outbound traffic on TCP port 2905 to a set of command and control hosts on the internet. The security engineer creates a network ACL rule that denies the identified outbound traffic. The security engineer applies the network ACL rule to the subnet of the EC2 instances. The security engineer must identify any EC2 instances that are trying to communtcate on TCP port 2905. Which solution will identify the affected EC2 instances with the LEAST operational effort?
A company uses AWS Organizations and has production workloads across multiple AWS accounts. A security
engineer needs to design a solution that will proactively monitor for suspicious behavior across all the
accounts that contain production workloads.
The solution must automate remediation of incidents across the production accounts. The solution also must
publish a notification to an Amazon Simple Notification Service (Amazon SNS) topic when a critical security
finding is detected. In addition, the solution must send all security incident logs to a dedicated account.
Which solution will meet these requirements?
A company needs to delect unauthenticated access to its Amazon Elastic Kubernetes Service (Amazon EKS) clusters. The company needs a solution that requires no additional configuration ot the existing EKS deployment. Which solution will meet these requirements with the LEAST operational effort?
A security team is responsible for reviewing AWS API call activity in the cloud environment for security
violations. These events must be recorded and retained in a centralized location for both current and future
AWS regions.
What is the SIMPLEST way to meet these requirements?
A security engineer has created an Amazon GuardDuty detector in several AWS accounts. The accounts are in an organization in AWS Organizations. The security engineer needs centralized visibility of the security findings from the detectors.
© Copyrights TheExamsLab 2025. All Rights Reserved
We use cookies to ensure your best experience. So we hope you are happy to receive all cookies on the TheExamsLab.