A security engineer needs to prepare a company ' s Amazon EC2 instances for quarantine during a security incident. The AWS Systems Manager Agent (SSM Agent) has been deployed to all EC2 instances.
The security engineer has developed a script to install and update forensics tools on the EC2 instances.
Which solution will quarantine EC2 instances during a security incident?
A. Create a rule in AWS Config to track SSM Agent versions.A developer accidentally committed an IAM access key and secret access key to a public repository. The security team must stop further use of the exposed key and determine whether the key was used after exposure.
A. Delete the IAM user immediately and review only the current billing dashboard.A company has AWS accounts in an organization in AWS Organizations. An Amazon S3 bucket in one account is publicly accessible. A security engineer must remove public access and ensure the bucket cannot be made public again.
Which solution will meet these requirements?
A. Enforce KMS encryption and deny s3:GetObject by SCP.A company receives an alert from AWS Support. The alert shows a compromised access key on a single standalone AWS account. A security engineer must determine the scope of the issue. Then, the security engineer must triage and remediate the issue.
Which solution will meet these requirements?
A. Delete the IAM user that has the AWSCompromisedKeyQuarantineV3 policy attached. Review Amazon CloudWatch for suspicious activity.A company must inventory sensitive data across all Amazon S3 buckets in all accounts from a single security account.
A. Delegate Amazon Macie and Security Hub administration.A company's security policy requires all Amazon EC2 instances to use the Amazon Time Sync Service.
AWS CloudTrail trails are enabled in all of the company's AWS accounts. VPC Flow Logs are enabled for all VPCs.
A security engineer must identify any EC2 instances that attempt to use Network Time Protocol (NTP) servers on the internet.
Which solution will meet these requirements?
A. Monitor CloudTrail logs for API calls to non-standard time servers.A company that uses AWS Organizations is using AWS IAM Identity Center to administer access to AWS accounts. A security engineer is creating a custom permission set in IAM Identity Center. The company will
use the permission set across multiple accounts. An AWS managed policy and a customer managed policy are attached to the permission set. The security engineer has full administrative permissions and is operating
in the management account.
When the security engineer attempts to assign the permission set to an IAM Identity Center user who has access to multiple accounts, the assignment fails.
What should the security engineer do to resolve this failure?
A. Create the customer managed policy in every account where the permission set is assigned. Give the customer managed policy the same name and same permissions in each account.A security analyst is investigating a high severity finding that involves an IAM role, several API calls, DNS activity, and network connections from a workload account. The analyst needs to understand relationships among the finding, the IAM role, and related activity without manually joining raw logs.
A. Use Amazon Detective to investigate the finding and review the related entities and behavior.A company runs critical workloads in an on-premises data center. The company wants to implement an AWS based disaster recovery (DR) solution that will achieve an RTO of less than 1 hour. The company needs to continuously replicate physical and virtual servers. The company must optimize costs for data storage and bandwidth usage. The DR solution must be automated.
Which solution will meet these requirements?
A. Use AWS Backup to directly replicate the on-premises servers to AWS. Enable cross-Region backup copying and data vaulting. Configure recovery points to match the defined RTO. Use AWS Step Functions to automate recovery steps.A company runs workloads in an AWS account. A security engineer observes some unusual findings in Amazon GuardDuty. The security engineer wants to investigate a specific IAM role and generate an investigation report. The report must contain details about anomalous behavior and any indicators of compromise.
Which solution will meet these requirements?
A. Use Amazon Detective to perform an investigation on the IAM role.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SCS-C03 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.