Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 77 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 77
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company maintains an open-source application that is hosted on a public GitHub repository. While creating a new commit to the repository, an engineer uploaded their AWS access key and secret access key. The engineer reported the mistake to a manager, and the manager immediately disabled the access key.

The company needs to assess the impact of the exposed access key. A security engineer must recommend a solution that requires the least possible managerial overhead.

Which solution meets these requirements?

  • A. Analyze an AWS Identity and Access Management (IAM) use report from AWS Trusted Advisor to see when the access key was last used.
  • B. Analyze Amazon CloudWatch Logs for activity by searching for the access key.
  • C. Analyze VPC flow logs for activity by searching for the access key.
  • D. Analyze a credential report in AWS Identity and Access Management (IAM) to see when the access key was last used.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by oioi at Nov. 23, 2023, 8:40 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Just_Ninja
2 weeks, 2 days ago
Selected Answer: D
If we will get an Hint in the Question like Business or Enterprise Support, then i will choose A. But here is no Hint, so D ist the best Solution.
upvoted 1 times
...
Davidng88
2 weeks, 5 days ago
Selected Answer: A
AWS Trusted Advisor provides a comprehensive IAM use report that includes details on when access keys were last used. This report can quickly help you determine if the exposed key was used after it was uploaded to the public repository.
upvoted 1 times
...
Sodev
6 months ago
"The company needs to assess the impact of the exposed access key" is not right sentence. IAM credential report only show, last active, last active region. It is not show what resource or API is called after exposing keys. => To "Assess the impact" need analyzer Cloudtrail logs.
upvoted 1 times
...
ion_gee
6 months ago
Selected Answer: D
D is the best Answer. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html B is not a good answer in this scenario because cloudwatch should be used for monitoring and analyzing log data, and the access key may not be in plaintext due to security reasons. CloudWatch would be more useful for monitoring specific application or system activity rather than tracking the usage of an exposed access key.
upvoted 1 times
...
Raphaello
7 months, 1 week ago
Selected Answer: B
Best answer is B. The ask is to " assess the impact of the exposed access key", which mean how the exposed access key has been used. Credential report does not include such information, it includes information about the credential itself..when it was created, last used, last changed. Not useful to assess the impact.
upvoted 2 times
...
brpjp
9 months ago
Selected Answer: B is correct. Question is to analyze impact of exposed access key. From credential report you know only key last used, but not able to determine how many times key used and what activities performed.
upvoted 1 times
...
rahav
9 months, 2 weeks ago
Selected Answer: D
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html
upvoted 2 times
...
3633f8f
9 months, 3 weeks ago
Selected Answer: D
Least effort.
upvoted 2 times
...
kejam
10 months, 1 week ago
Selected Answer: D
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html
upvoted 2 times
...
[Removed]
10 months, 2 weeks ago
Selected Answer: D
D 99.999999% sure
upvoted 3 times
...
oioi
10 months, 2 weeks ago
Selected Answer: D
correct
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel