A development team is creating an open source toolset to manage a company’s software as a service (SaaS) application. The company stores the code in a public repository so that anyone can view and download the toolset’s code. The company discovers that the code contains an IAM access key and secret key that provide access to internal resources in the company’s AWS environment A security engineer must implement a solution to identify whether unauthorized usage of the exposed credentials has occurred. The solution also must prevent any additional usage of the exposed credentials. Which combination of steps will meet these requirements? (Choose two.)

Topic #: - All AWS Certified Security - Specialty SCS-C02 Questions

A. Use AWS Identity and Access Management Access Analyzer to determine which resources the exposed credentials accessed and who used them.
B. Deactivate the exposed IAM access key from the user’s IAM account.
C. Create a rule in Amazon GuardDuty to block the access key in the source code from being used.
D. Create a new IAM access key and secret key for the user whose credentials were exposed.
E. Generate an IAM credential report. Check the report to determine when the user that owns the access key last logged in.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion