Amazon SCS-C01 AWS Certified Security - Specialty Exam Practice Test

Page:    1 / 14   
Total 529 questions

Question 1

Amazon GuardDuty has detected communications to a known command and control endpoint from a company's Amazon EC2 instance. The instance was found to be running a vulnerable version of a common web framework. The company's security operations team wants to quickly identity other compute resources with the specific version of that framework installed.

Which approach should the team take to accomplish this task?



Answer : C

Question 2

A security engineer has enabled AWS Security Hub in their AWS account, and has enabled the Center for internet Security (CIS) AWS Foundations compliance standard. No evaluation results on compliance are returned in the Security Hub console after several hours. The engineer wants to ensure that Security Hub can evaluate their resources for CIS AWS Foundations compliance.

Which steps should the security engineer take to meet these requirements?



Answer : A

Question 3

A developer 15 building a serverless application hosted on AWS that uses Amazon Redshift in a data store. The application has separate modules for read/write and read-only functionality. The modules need their own database users tor compliance reasons.

Which combination of steps should a security engineer implement to grant appropriate access' (Select TWO )



Answer : A, E

Page:    1 / 14   
Total 529 questions