How can the Security Engineer further protect currently running instances?

A Developer’s laptop was stolen. The laptop was not encrypted, and it contained the SSH key used to access multiple Amazon EC2 instances. A Security Engineer has verified that the key has not been used, and has blocked port 22 to all EC2 instances while developing a response plan.

How can the Security Engineer further protect currently running instances?
A . Delete the key-pair key from the EC2 console, then create a new key pair.
B . Use the modify-instance-attributeAPI to change the key on any EC2 instance that is using the key.
C . Use the EC2 RunCommand to modify the authorized_keys file on any EC2 instance that is using the key.
D . Update the key pair in any AMI used to launch the EC2 instances, then restart the EC2 instances.

Answer: C

Explanation:

Reference: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#delete-key-pair

Latest SCS-C01 Dumps Valid Version with 470 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments