Multiple Choice
A company had one of its Amazon EC2 key pairs compromised. A Security Engineer must identify which current Linux EC2 instances were deployed and used the compromised key pair. How can this task be accomplished?
A) Obtain the list of instances by directly querying Amazon EC2 using: aws ec2 describe-instances --filters "Name=key-name,Values=KEYNAMEHERE" . Obtain the list of instances by directly querying Amazon EC2 using: aws ec2 describe-instances --filters "Name=key-name,Values=KEYNAMEHERE" .
B) Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in the Amazon Inspector logs.
C) Obtain the output from the EC2 instance metadata using: curl http://169.254.169.254/latest/meta-data/public-keys/0/ . Obtain the output from the EC2 instance metadata using: curl http://169.254.169.254/latest/meta-data/public-keys/0/
D) Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in Amazon CloudWatch Logs using: aws logs filter-log-events . Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in Amazon CloudWatch Logs using: aws logs filter-log-events
Correct Answer:
Verified
Correct Answer:
Verified
Q203: A corporate cloud security policy states that
Q204: A company's database developer has just migrated
Q205: Due to new compliance requirements, a Security
Q206: A company plans to use custom AMIs
Q207: A company wants to control access to
Q209: A Security Engineer must design a solution
Q210: The AWS Systems Manager Parameter Store is
Q211: A Development team has built an experimental
Q212: An application has been written that publishes
Q213: A company is using AWS Organizations to