Multiple Choice
During a manual review of system logs from an Amazon Linux EC2 instance, a Security Engineer noticed that there are sudo commands that were never properly alerted or reported on the Amazon CloudWatch Logs agent. Why were there no alerts on the sudo commands?
A) There is a security group blocking outbound port 80 traffic that is preventing the agent from sending the logs.
B) The IAM instance profile on the EC2 instance was not properly configured to allow the CloudWatch Logs agent to push the logs to CloudWatch.
C) CloudWatch Logs status is set to ON versus SECURE, which prevents if from pulling in OS security event logs.
D) The VPC requires that all traffic go through a proxy, and the CloudWatch Logs agent does not support a proxy configuration.
Correct Answer:
Verified
Correct Answer:
Verified
Q144: An external auditor finds that a company's
Q145: An Amazon EC2 instance is part of
Q146: A Security Engineer discovered a vulnerability in
Q147: A company has a compliance requirement to
Q148: A company's architecture requires that its three
Q150: A company had one of its Amazon
Q151: A company has multiple AWS accounts that
Q152: A security engineer is responsible for providing
Q153: A recent security audit identified that a
Q154: A company's web application is hosted on