Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 246 discussion

A company is testing incident response procedures for destination containment. The company needs to contain a critical Amazon EC2 instance as quickly as possible while keeping the EC2 instance running. The EC2 instance is the only resource in a public subnet and has active connections to other resources.

Which solution will contain the EC2 instance IMMEDIATELY?

  • A. Create a new security group that has no inbound rules or outbound rules. Attach the new security group to the EC2 instance.
  • B. Configure the existing security group for the EC2 instance. Remove all existing inbound rules and outbound rules from the security group.
  • C. Create a new network ACL that has a single Deny rule for inbound traffic and outbound traffic. Associate the new network ACL with the subnet that contains the EC2 instance.
  • D. Create a new VPC for isolation. Stop the EC2 instance. Create a new AMI from the EC2 instance. Use the new AMI to launch a new EC2 instance in the new VPC.
Suggested Answer: C

Comments

itsjunukim
5 days, 20 hours ago
Selected Answer: C
Changing security groups associated with a running instance does not interrupt existing connections.
upvoted 1 times
...
Kaps443
1 week, 1 day ago
Selected Answer: A
Create a new security group that has no inbound rules or outbound rules. Attach the new security group to the EC2 instance. This method:
  • Is fast, reversible, and non-destructive.
  • Immediately isolates the instance from the network.
  • Complies with the requirement to keep the EC2 instance running.
upvoted 1 times
...
phmeeeee
2 weeks, 3 days ago
Selected Answer: A
I go with A. Why?
  • It does not break another instance in the same subnet, only the instance itself.
  • Immediately stopping the connection.
upvoted 1 times
...
slydie
1 month, 4 weeks ago
Selected Answer: C
Modifying a security group rule NEVER disrupts its tracked connections.
  • Existing connections are kept until they time out.
  • Use NACLs to interrupt/block connections immediately!!
upvoted 1 times
...
TareDHakim
3 months, 3 weeks ago
Selected Answer: C
Sorry, I meant C is the better option.
upvoted 1 times
...
TareDHakim
3 months, 3 weeks ago
Selected Answer: D
While a new SG with no rules would immediately isolate an instance, the old security group would still provide connections; the question did not mention removing or replacing it. D seems to be the better option here.
upvoted 1 times
...
Pmktechno
3 months, 4 weeks ago
Selected Answer: A
Creating a new security group with no inbound or outbound rules and attaching it to the EC2 instance will effectively isolate the instance from any network traffic, both incoming and outgoing. This method is quick and ensures that the instance remains running while being contained. It avoids the need to modify existing security groups or network ACLs, which could affect other resources. This approach provides immediate containment, allowing you to maintain the instance's state for further investigation and remediation.
upvoted 2 times
...
IPLogic
4 months, 3 weeks ago
Selected Answer: C
Given that there are no other resources in the subnet apart from the EC2 instance, the most immediate and effective way to contain the instance while keeping it running is: C. Create a new network ACL that has a single Deny rule for inbound traffic and outbound traffic. Associate the new network ACL with the subnet that contains the EC2 instance. This approach will instantly isolate the EC2 instance from the network by denying all inbound and outbound traffic at the subnet level, ensuring no accidental connections can be made.
upvoted 2 times
...
HappyG
4 months, 4 weeks ago
Selected Answer: A
When you need to immediately contain an EC2 instance while keeping it running, applying a security group with no inbound or outbound rules is the fastest and most effective way to isolate the instance.
upvoted 2 times
...
723993f
5 months ago
Selected Answer: C
A NACL is stateless and will have an immediate isolation effect, while SGs will continue to let connections be until they end. We don't care about other EC2s in the subnet because there aren't any.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
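
Added example, not part of the original thread or of any AWS code: a simplified Python model of the behaviour several comments describe, where a security group keeps tracked connections alive after its rules are removed while a network ACL is checked on every packet. The class names, the address and the ports are constructed; only inbound traffic is modelled, the flow is assumed to be a tracked connection, and tracking timeouts are left out.

```python
# Simplified model (assumption, not AWS's implementation) of the two layers:
# a stateless subnet network ACL and a stateful instance security group.
from dataclasses import dataclass, field

@dataclass
class NaclRule:
    number: int     # rules are evaluated lowest number first
    allow: bool
    ports: range

@dataclass
class Subnet:
    nacl: list      # list of NaclRule

    def nacl_permits(self, port):
        for rule in sorted(self.nacl, key=lambda r: r.number):
            if port in rule.ports:
                return rule.allow
        return False                    # implicit final deny

@dataclass
class Instance:
    subnet: Subnet
    sg_inbound_ports: set
    tracked: set = field(default_factory=set)   # connection-tracking table

    def receive(self, src, sport, dport):
        """Return True if an inbound packet reaches the instance."""
        if not self.subnet.nacl_permits(dport):  # stateless: every packet
            return False
        flow = (src, sport, dport)
        if flow in self.tracked:                 # stateful: rules not re-read
            return True
        if dport in self.sg_inbound_ports:       # new flow: current SG rules
            self.tracked.add(flow)
            return True
        return False

def run_scenario():
    subnet = Subnet(nacl=[NaclRule(100, True, range(0, 65536))])
    host = Instance(subnet, sg_inbound_ports={443})
    existing = ("198.51.100.7", 50000, 443)      # constructed sample flow
    out = {"before": host.receive(*existing)}
    host.sg_inbound_ports = set()                # options A/B: SG with no rules
    out["sg_existing"] = host.receive(*existing)
    out["sg_new"] = host.receive("198.51.100.7", 50001, 443)
    subnet.nacl = [NaclRule(100, False, range(0, 65536))]  # option C: deny NACL
    out["nacl_existing"] = host.receive(*existing)
    return out

if __name__ == "__main__":
    print(run_scenario())
```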