A company’s security administrator receives an AWS Abuse notification that an IAM user’s access key might be compromised. A legacy application uses the IAM user. The security administrator must remediate the potential compromise with the least possible downtime to the application. Which solution will meet these requirements?

Topic #: - All AWS Certified Security - Specialty Questions

A. Delete the IAM user’s access key Immediately. Create a new access key to update in the legacy application.
B. Create a new access key for the IAM user. Update the latest application version to use the new access key. Deactivate the compromised access key.
C. Attach an IAM policy to revoke all sessions from before the time of the AWS Abuse notification.
D. Update the legacy application to use an IAM role that has the same permissions as the IAM user.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion