Multiple Choice
A Security Administrator at a university is configuring a fleet of Amazon EC2 instances. The EC2 instances are shared among students, and non-root SSH access is allowed. The Administrator is concerned about students attacking other AWS account resources by using the EC2 instance metadata service. What can the Administrator do to protect against this potential attack?
A) Disable the EC2 instance metadata service.
B) Log all student SSH interactive session activity.
C) Implement iptables-based restrictions on the instances.
D) Install the Amazon Inspector agent on the instances.
Correct Answer:
Verified
Correct Answer:
Verified
Q217: A distributed web application is installed across
Q218: The Security Engineer implemented a new vault
Q219: A company has Windows Amazon EC2 instances
Q220: The Security Engineer created a new AWS
Q221: A company needs to encrypt all of
Q223: Some highly sensitive analytics workloads are to
Q224: A company uses AWS Organization to manage
Q225: A Software Engineer is trying to figure
Q226: A company has an application that uses
Q227: A development team is using an AWS