A company is using an organization in AWS Organizations to manage its AWS accounts. The company runs its primary application on Amazon EC2 instances. A security engineer discovers unauthorized access in one of the company’s developer AWS accounts. An investigation reveals that AWS access keys from the developer account were mistakenly added to public source code repository. Which combination of actions should the security engineer take to secure the compromised account? (Choose two.)

Topic #: - All AWS Certified Security - Specialty Questions

A. Rotate all the access key pairs in the compromised account. Most Voted
B. Create security group that denies traffic from the internet. Attach the security group to all EC2 instances in the compromised account
C. Temporarily remove the compromised account from the organization.
D. Delete all EC2 key pairs in the compromised account.
E. Delete any potentially unauthorized IAM users in the compromised account. Change the password for all other IAM users. Most Voted

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion