New Year Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Amazon Web Services Updated SCS-C01 Exam Questions and Answers by asma

Page: 5 / 43

Amazon Web Services SCS-C01 Exam Overview :

Exam Name: AWS Certified Security - Specialty
Exam Code: SCS-C01 Dumps
Vendor: Amazon Web Services Certification: AWS Certified Specialty
Questions: 589 Q&A's Shared By: asma
Question 20

After multiple compromises of its Amazon EC2 instances, a company's Security Officer is mandating that memory dumps of compromised instances be captured for further analysis. A Security Engineer just received an EC2 abuse notification report from IAM stating that an EC2 instance running the most recent Windows Server 2019 Base AMI is compromised.

How should the Security Engineer collect a memory dump of the EC2 instance for forensic analysis?

Options:

A.

Give consent to the IAM Security team to dump the memory core on the compromised instance and provide it to IAM Support for analysis.

B.

Review memory dump data that the IAM Systems Manager Agent sent to Amazon CloudWatch Logs.

C.

Download and run the EC2Rescue for Windows Server utility from IAM.

D.

Reboot the EC2 Windows Server, enter safe mode, and select memory dump.

Discussion
Question 21

A company's security team has defined a set of IAM Config rules that must be enforced globally in all IAM accounts the company owns. What should be done to provide a consolidated compliance overview for the security team?

Options:

A.

Use IAM Organizations to limit IAM Config rules to the appropriate Regions, and then consolidate the Amazon CloudWatch dashboard into one IAM account.

B.

Use IAM Config aggregation to consolidate the views into one IAM account, and provide role access to the security team.

C.

Consolidate IAM Config rule results with an IAM Lambda function and push data to Amazon SQS. Use Amazon SNS to consolidate and alert when some metrics are triggered.

D.

Use Amazon GuardDuty to load data results from the IAM Config rules compliance status, aggregate GuardDuty findings of all IAM accounts into one IAM account, and provide role access to the security team.

Discussion
Nadia
Why these dumps are important? Can I pass my exam without these dumps?
Julian Oct 22, 2024
The questions in the Cramkey dumps are explained in detail and there are also study notes and reference materials provided. This made it easier for me to understand the concepts and retain the information better.
Teddie
yes, I passed my exam with wonderful score, Accurate and valid dumps.
Isla-Rose Aug 18, 2024
Absolutely! The questions in the dumps were almost identical to the ones that appeared in the actual exam. I was able to answer almost all of them correctly.
Yusra
I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.
Alisha Aug 29, 2024
I recently used their dumps for the certification exam I took and I have to say, I was really impressed.
River
Hey, I used Cramkey Dumps to prepare for my recent exam and I passed it.
Lewis Sep 11, 2024
Yeah, I used these dumps too. And I have to say, I was really impressed with the results.
Wyatt
Passed my exam… Thank you so much for your excellent Exam Dumps.
Arjun Sep 18, 2024
That sounds really useful. I'll definitely check it out.
Question 22

A company's web application is hosted on Amazon EC2 instances running behind an Application Load Balancer (ALB) in an Auto Scaling group. An IAM WAF web ACL is associated with the ALB. IAM CloudTrail is enabled, and stores logs in Amazon S3 and Amazon CloudWatch Logs.

The operations team has observed some EC2 instances reboot at random. After rebooting, all access logs on the instances have been deleted. During an investigation, the operations team found that each reboot happened just after a PHP error occurred on the new-user-creation.php file. The operations team needs to view log information to determine if the company is being attacked.

Which set of actions will identify the suspect attacker's IP address for future occurrences?

Options:

A.

Configure VPC Flow Logs on the subnet where the ALB is located, and stream the data CloudWatch. Search for the new-user-creation.php occurrences in CloudWatch.

B.

Configure the CloudWatch agent on the ALB Configure the agent to send application logs to CloudWatch Update the instance role to allow CloudWatch Logs access. Export the logs to CloudWatch Search for the new-user-creation.php occurrences in CloudWatch.

C.

Configure the ALB to export access logs to an Amazon Elasticsearch Service cluster, and use the service to search for the new-user-creation.php occurrences.

D.

Configure the web ACL to send logs to Amazon Kinesis Data Firehose, which delivers the logs to an S3 bucket Use Amazon Athena to query the logs and find the new-user-creation php occurrences.

Discussion
Question 23

A security engineer needs to configure monitoring and auditing for IAM Lambda.

Which combination of actions using IAM services should the security engineer take to accomplish this goal? (Select TWO.)

Options:

A.

Use IAM Config to track configuration changes to Lambda functions, runtime environments, tags, handler names, code sizes, memory allocation, timeout settings, and concurrency settings, along with Lambda IAM execution role, subnet, and security group associations.

B.

Use IAM CloudTrail to implement governance, compliance, operational, and risk auditing for Lambda.

C.

Use Amazon Inspector to automatically monitor for vulnerabilities and perform governance, compliance, operational, and risk auditing for Lambda.

D.

Use IAM Resource Access Manager to track configuration changes to Lambda functions, runtime environments, tags, handler names, code sizes, memory allocation, timeout settings, and concurrency settings, along with Lambda IAM execution role, subnet, and security group associations.

E.

Use Amazon Macie to discover, classify, and protect sensitive data being executed inside the Lambda function.

Discussion
Page: 5 / 43
Title
Questions
Posted

SCS-C01
PDF

$36.75  $104.99

SCS-C01 Testing Engine

$43.75  $124.99

SCS-C01 PDF + Testing Engine

$57.75  $164.99