Pre Black Friday Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: myex65

 
Home > Amazon Web Services > AWS Certified Specialty > SCS-C02

SCS-C02 - AWS Certified Security - Specialty

Download PDF Demo

Amazon Web Services SCS-C02 Last Week Results!

11

Customers Passed
Amazon Web Services SCS-C02

89%

Average Score In Real
Exam At Testing Centre

87%

Questions came word by
word from this dump

287

Total Questions
Amazon Web Services SCS-C02 Questions Answers

Choosing Examcollection SCS-C02 VCE is to Ensure Career Goals

We Provide You the Best Opportunity to Develop Your Professional Profile!

Myexamcollection provides you with the best pathway to get through exam SCS-C02 VCE, one of the best industry-relevant IT certification exams. Examcollection SCS-C02 VCE is the best to help you in your ambition and reach your destination with flying colors.

Examcollection SCS-C02 VCE Practice Test

Examcollection SCS-C02 vce study test, having simplified and to the point information, explanatory notes, practice tests and braindumps will provide you with the most exciting learning experience of your life. The SCS-C02 VCE questions and answers have been prepared keeping in view the previous exams and the latest SCS-C02 exam questions format of the real exam. They provide you information on the entire syllabus and enhance your exposure to ensure a brilliant exam success. The language of the examcollection SCS-C02 vce is quite simple to understand so that candidates from varying academic backgrounds can follow the content without facing any difficulty.

Examcollection SCS-C02 dumps vce also contain the practice tests that will help you revise certification syllabus, strengthen your learning and get command over the real exam SCS-C02 VCE questions format. You can also learn to manage time properly for the actual exam and get an excellent result.

AWS Certified Specialty Exam VCE SCS-C02 Dumps

Latest Examcollection SCS-C02 braindumps will definitely fascinate you with the select number of important questions and answers. They are the gist of the entire syllabus and will most likely make your paper. Prepared by the best industry experts, exam collection SCS-C02 dumps can help you get the maximum exam score.

Extra Benefits

Quality stands as the first priority to Examcollection. Hence you will find the content in SCS-C02 examcollection dumps superb and matching your real exam needs. The study material is constantly updated adding all the syllabus modification by the vendors. You will get free examcollection SCS-C02 vce updates for a period of three months from the time of product purchase. The clients can also benefit from the online help of examcollection vce and get the best guidance on all exam vce SCS-C02 related issues free of charge.

Why so many Experts Recommend Myexamcollection ?

SCS-C02 Questions and Answers

Question # 1

A company is building a data processing application that uses AWS Lambda functions The application's Lambda functions need to communicate with an Amazon RDS OB instance that is deployed within a VPC in the same AWS account

Which solution meets these requirements in the MOST secure way?

A.

Configure the DB instance to allow public access Update the DB instance security group to allow access from the Lambda public address space for the AWS Region

B.

Deploy the Lambda functions inside the VPC Attach a network ACL to the Lambda subnet Provide outbound rule access to the VPC CIDR range only Update the DB instance security group to allow traffic from 0 0 0 0/0

C.

Deploy the Lambda functions inside the VPC Attach a security group to the Lambda functions Provide outbound rule access to the VPC CIDR range only Update the DB instance security group to allow traffic from the Lambda security group

D.

Peer the Lambda default VPC with the VPC that hosts the DB instance to allow direct network access without the need for security groups

Question # 2

A company needs complete encryption of the traffic between external users and an application. The company hosts the application on a fleet of Amazon EC2 instances that run in an Auto Scaling group behind an Application Load Balancer (ALB).

How can a security engineer meet these requirements?

A.

Create a new Amazon-issued certificate in AWS Secrets Manager. Export the certificate from Secrets Manager. Import the certificate into the ALB and the EC2 instances.

B.

Create a new Amazon-issued certificate in AWS Certificate Manager (ACM). Associate the certificate with the ALB. Export the certificate from ACM. Install the certificate on the EC2 instances.

C.

Import a new third-party certificate into AWS Identity and Access Management (IAM). Export the certificate from IAM. Associate the certificate with the ALB and the EC2 instances.

D.

Import a new third-party certificate into AWS Certificate Manager (ACM). Associate the certificate with the ALB. Install the certificate on the EC2 instances.

Question # 3

A security engineer needs to develop a process to investigate and respond to po-tential security events on a company's Amazon EC2 instances. All the EC2 in-stances are backed by Amazon Elastic Block Store (Amazon EBS). The company uses AWS Systems Manager to manage all the EC2 instances and has installed Systems Manager Agent (SSM Agent) on all the EC2 instances.

The process that the security engineer is developing must comply with AWS secu-rity best practices and must meet the following requirements:

• A compromised EC2 instance's volatile memory and non-volatile memory must be preserved for forensic purposes.

• A compromised EC2 instance's metadata must be updated with corresponding inci-dent ticket information.

• A compromised EC2 instance must remain online during the investigation but must be isolated to prevent the spread of malware.

• Any investigative activity during the collection of volatile data must be cap-tured as part of the process.

Which combination of steps should the security engineer take to meet these re-quirements with the LEAST operational overhead? (Select THREE.)

A.

Gather any relevant metadata for the compromised EC2 instance. Enable ter-mination protection. Isolate the instance by updating the instance's secu-rity groups to restrict access. Detach the instance from any Auto Scaling groups that the instance is a member of. Deregister the instance from any Elastic Load Balancing (ELB) resources.

B.

Gather any relevant metadata for the compromised EC2 instance. Enable ter-mination protection. Move the instance to an isolation subnet that denies all source and destination traffic. Associate the instance with the subnet to restrict access. Detach the instance from any Auto Scaling groups that the instance is a member of. Deregister the instance from any Elastic Load Balancing (ELB) resources.

C.

Use Systems Manager Run Command to invoke scripts that collect volatile data.

D.

Establish a Linux SSH or Windows Remote Desktop Protocol (RDP) session to the compromised EC2 instance to invoke scripts that collect volatile data.

E.

Create a snapshot of the compromised EC2 instance's EBS volume for follow-up investigations. Tag the instance with any relevant metadata and inci-dent ticket information.

F.

Create a Systems Manager State Manager association to generate an EBS vol-ume snapshot of the compromised EC2 instance. Tag the instance with any relevant metadata and incident ticket information.

View More SCS-C02 Questions

Amazon Web Services Related Exam in MyExamCollection

The followings list Amazon Web Services Related in MyExamCollection, If you have other Amazon Web Services certifications you want added please contact us.

Add a Comment

Comment will be moderated and published within 1-2 hours
Copyright myexamcollection.com. All Right Reserved.