Multiple Choice
A company had one of its Amazon EC2 key pairs compromised. A Security Engineer must identify which current Linux EC2 instances were deployed and used the compromised key pair. How can this task be accomplished?
A) Obtain the list of instances by directly querying Amazon EC2 using: aws ec2 describe-instances --fi1ters "Name=key-name,Values=KEYNAMEHERE" . Obtain the list of instances by directly querying Amazon EC2 using: aws ec2 describe-instances --fi1ters "Name=key-name,Values=KEYNAMEHERE" .
B) Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in the Amazon Inspector logs.
C) Obtain the output from the EC2 instance metadata using: curl http: //169.254.169.254/latest/meta-data/public- keys/0/.
D) Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in Amazon CloudWatch Logs using: aws logs filter-log-events . Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in Amazon CloudWatch Logs using: aws logs filter-log-events
Correct Answer:
Verified
Correct Answer:
Verified
Q145: An Amazon EC2 instance is part of
Q146: A Security Engineer discovered a vulnerability in
Q147: A company has a compliance requirement to
Q148: A company's architecture requires that its three
Q149: During a manual review of system logs
Q151: A company has multiple AWS accounts that
Q152: A security engineer is responsible for providing
Q153: A recent security audit identified that a
Q154: A company's web application is hosted on
Q155: A company is undergoing a layer 3