A company uses AWS Organizations. According to compliance requirements, the company’s applications that are hosted on Amazon EC2 instances must never use IAM credentials from Instance Metadata Service Version 1 (IMDSv1). What should a security engineer do to meet this requirement?

Topic #: - All AWS Certified Security - Specialty Questions

A. Create a security group that denies access on HTTP to 169.254.169.254. Attach this security group to all EC2 instances.
B. Deactivate all access to IMDSv1 through the instance metadata options when using the AWS CLI, AWS API, or AWS Management Console to launch an EC2 instance.
C. Attach the following SCP to the root OU in AWS Organizations:
D. Attach the following SCP to the root OU in AWS Organizations:
Most Voted

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

A company uses AWS Organizations. According to compliance requirements, the company’s applications that are hosted on Amazon EC2 instances must never use IAM credentials from Instance Metadata Service Version 1 (IMDSv1). What should a security engineer do to meet this requirement?

Suggested Answer:

Reference Material:

A company uses AWS Organizations. According to compliance requirements, the company’s applications that are hosted on Amazon EC2 instances must never use IAM credentials from Instance Metadata Service Version 1 (IMDSv1). What should a security engineer do to meet this requirement?

Suggested Answer:

Reference Material:

Share this post

Join the Discussion