Winter Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 8w52ceb345

A company runs a web application on a fleet of Amazon EC2 instances that are...

Amazon Web Services SCS-C03 Full Course Access
Amazon Web Services SCS-C03 View All Questions

A company runs a web application on a fleet of Amazon EC2 instances that are in an Auto Scaling group. The EC2 instances are in the same VPC subnet as other workloads.

A security engineer deploys an Amazon GuardDuty detector in the same AWS Region as the EC2 instances and integrates GuardDuty with AWS Security Hub.

The security engineer needs to implement an automated solution to detect and appropriately respond to anomalous traffic patterns for the web application. The solution must comply with AWS best practices forinitial response to security incidentsand mustminimize disruptionto the web application.

Which solution will meet these requirements?

A.

Disable the EC2 instance profile credentials by using AWS Lambda.

B.

Create an Amazon EventBridge rule that invokes an AWS Lambda function when GuardDuty detects anomalous traffic. Configure the function to remove the affected instance from the Auto Scaling group and attach a restricted security group.

C.

Update the subnet network ACL to block traffic from the detected source IP addresses.

D.

Send GuardDuty findings to Amazon SNS for email notification.

SCS-C03 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now SCS-C03 pdf
Get 60% Discount on All Products, Use Coupon: "8w52ceb345"
Next
A security engineer configured VPC Flow Logs to publish to Amazon CloudWatch Logs.
A company has AWS accounts in an organization in AWS Organizations.
Previous