SCS-C03 · Question #149
SCS-C03 Question #149: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #149. The question stem and answer options stay visible for context.
Question
A company's security engineer receives an abuse notification from AWS. The notification indicates that someone is hosting malware from the company's AWS account. After investigation, the security engineer finds a new Amazon S3 bucket that an IAM user created without authorization. Which combination of steps should the security engineer take to MINIMIZE the consequences of this compromise? (Select THREE.)
Options
- AEncrypt all AWS CloudTrail logs.
- BTurn on Amazon GuardDuty.
- CChange the password for all IAM users.
- DRotate or delete all AWS access keys.
- ETake snapshots of all Amazon Elastic Block Store (Amazon EBS) volumes.
- FDelete any resources that are unrecognized or unauthorized.
Unlock SCS-C03 to see the answer
You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.