AmazonAmazon
SCS-C02 · Question #45
SCS-C02 Question #45: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #45. The question stem and answer options stay visible for context.
Submitted by the_admin· Mar 6, 2026
Question
A company is migrating its Amazon EC2 based applications to use Instance Metadata Service Version 2 (IMDSv2). A security engineer needs to determine whether any of the EC2 instances are still using Instance Metadata Service Version 1 (IMDSv1). What should the security engineer do to confirm that the IMDSv1 endpoint is no longer being used?
Options
- AConfigure logging on the Amazon CloudWatch agent for IMDSv1 as part of EC2 instance startup.
- BCreate an Amazon CloudWatch dashboard. Verify that the EC2:MetadataNoToken metric is zero
- CCreate a security group that blocks access to HTTP for the IMDSv1 endpoint. Attach the security
- DConfigure user data scripts for all EC2 instances to send logging information to AWS CloudTrail
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.