SCS-C02 · Question #230
SCS-C02 Question #230: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #230. The question stem and answer options stay visible for context.
Question
A company has an application on Amazon EC2 instances that store confidential customer data. The company must restrict access to customer data. A security engineer requires secure access to the instances that host the application. According to company policy, users must not open any inbound ports, maintain bastion hosts, or manage SSH keys for the EC2 instances. The security engineer wants lo monitor, store, and access all session activity logs. The logs must be encrypted. Which solution will meet these requirements?
Options
- AUse AWS Control Tower to connect to the EC2 instances. Configure Amazon CloudWatch
- BUse AWS Security Hub to connect to the EC2 instances. Configure Amazon CloudWatch logging
- CUse AWS Systems Manager Session Manager to connect to the EC2 instances. Configure
- DUse AWS Systems Manager Session Manager to connect to the EC2 instances. Configure
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.