Multiple Choice
A Security Engineer discovered a vulnerability in an application running on Amazon ECS. The vulnerability allowed attackers to install malicious code. Analysis of the code shows it exfiltrates data on port 5353 in batches at random time intervals. While the code of the containers is being patched, how can Engineers quickly identify all compromised hosts and stop the egress of data on port 5353?
A) Enable AWS Shield Advanced and AWS WAF. Configure an AWS WAF custom filter for egress traffic on port 5353
B) Enable Amazon Inspector on Amazon ECS and configure a custom assessment to evaluate containers that have port 5353 open. Update the NACLs to block port 5353 outbound.
C) Create an Amazon CloudWatch custom metric on the VPC Flow Logs identifying egress traffic on port 5353. Update the NACLs to block port 5353 outbound.
D) Use Amazon Athena to query AWS CloudTrail logs in Amazon S3 and look for any traffic on port 5353. Update the security groups to block port 5353 outbound.
Correct Answer:
Verified
Correct Answer:
Verified
Q141: Which option for the use of the
Q142: During a security event, it is discovered
Q143: A company is developing a mobile shopping
Q144: An external auditor finds that a company's
Q145: An Amazon EC2 instance is part of
Q147: A company has a compliance requirement to
Q148: A company's architecture requires that its three
Q149: During a manual review of system logs
Q150: A company had one of its Amazon
Q151: A company has multiple AWS accounts that