What immediate action should the security engineer take?

SCS-C01 0 Comments

A security engineer has noticed that VPC Flow Logs are getting a lot REJECT traffic originating from a single Amazon EC2 instance in an Auto Scaling group. The security engineer is concerned that this EC2 instance may be compromised.

What immediate action should the security engineer take?
A . Remove me instance from the Auto Seating group Close me security group mm ingress only from a single forensic P address to perform an analysis.
B . Remove me instance from the Auto Seating group Change me network ACL rules to allow traffic only from a single forensic IP address to perform en analysis Add a rule to deny all other traffic.
C . Remove the instance from the Auto Scaling group Enable Amazon GuardDuty in that AWS account Install the Amazon Inspector agent cm the suspicious EC 2 instance to perform a scan.
D . Take a snapshot of the suspicious EC2 instance. Create a new EC2 instance from me snapshot in a closed security group with ingress only from a single forensic IP address to perform an analysis

Answer: B

Latest SCS-C01 Dumps Valid Version with 470 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SCS-C01 PDF     SCS-C01 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments