ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 71 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 71
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company uses AWS Signer with all of the company's AWS Lambda functions. A developer recently stopped working for the company. The company wants to ensure that all the code that the developer wrote can no longer be deployed to the Lambda functions.

Which solution will meet this requirement?

  • A. Revoke all versions of the signing profile assigned to the developer.
  • B. Examine the developer's IAM roles. Remove all permissions that grant access to Signer.
  • C. Re-encrypt all source code with a new AWS Key Management Service (AWS KMS) key.
  • D. Use Amazon CodeGuru to profile all the code that the Lambda functions use.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by oioi at Nov. 23, 2023, 8:22 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
IPLogic
3 months ago
Selected Answer: A
Option B, which involves examining the developer's IAM roles and removing all permissions that grant access to AWS Signer, is not as effective as revoking the signing profile. While removing IAM permissions can prevent the developer from accessing AWS Signer in the future, it does not invalidate the signatures that have already been created using the developer's signing profile. This means that any code signed by the developer before their permissions were revoked could still be deployed to the Lambda functions. Revoking all versions of the signing profile assigned to the developer ensures that any signatures generated by that profile are no longer valid, effectively preventing the deployment of the developer's cod
upvoted 1 times
...
rahav
1 year, 2 months ago
Selected Answer: A
https://docs.aws.amazon.com/signer/latest/developerguide/revocation.html
upvoted 1 times
...
vincentsr7
1 year, 2 months ago
The privilege has to be removed from signer , for this option b is the right answer
upvoted 1 times
helloworldabc
5 months, 2 weeks ago
just A
upvoted 1 times
...
...
vincentsr7
1 year, 2 months ago
Option A suggests revoking all versions of the signing profile assigned to the developer, but this is not the most effective solution for preventing the developer from deploying code to Lambda functions. Signing profiles primarily deal with the integrity and authenticity of code, rather than controlling the ability to deploy code
upvoted 1 times
...
kejam
1 year, 3 months ago
Selected Answer: A
Answer A New URL: https://docs.aws.amazon.com/signer/latest/developerguide/revocation.html
upvoted 3 times
...
lmimi
1 year, 3 months ago
A Refer to https://docs.aws.amazon.com/signer/latest/developerguide/revoking.html https://docs.aws.amazon.com/signer/latest/developerguide/revoking.html
upvoted 3 times
...
AgboolaKun
1 year, 3 months ago
Selected Answer: A
A is the correct answer. Revoke the developer signing profile - https://docs.aws.amazon.com/signer/latest/developerguide/revocation.html
upvoted 2 times
...
[Removed]
1 year, 3 months ago
Selected Answer: A
A will handle prevention
upvoted 2 times
...
oioi
1 year, 3 months ago
Selected Answer: B
correct
upvoted 1 times
Aamee
1 year, 3 months ago
Source pls?
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago