DOP-C02 · Question #168
DOP-C02 Question #168: Real Exam Question with Answer & Explanation
Sign in or unlock DOP-C02 to reveal the answer and full explanation for question #168. The question stem and answer options stay visible for context.
Question
A security team is concerned that a developer can unintentionally attach an Elastic IP address to an Amazon EC2 instance in production. No developer should be allowed to attach an Elastic IP address to an instance. The security team must be notified if any production server has an Elastic IP address at any time. How can this task be automated?
Options
- AUse Amazon Athena to query AWS CloudTrail logs to check for any associate-address attempts.
- BAttach an IAM policy to the developers' IAM group to deny associate-address permissions. Create
- CEnsure that all IAM groups associated with developers do not have associate-address
- DCreate an AWS Config rule to check that all production instances have EC2 IAM roles that
Unlock DOP-C02 to see the answer
You've previewed enough free DOP-C02 questions. Unlock DOP-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.