ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 77 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 77
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company maintains an open-source application that is hosted on a public GitHub repository. While creating a new commit to the repository, an engineer uploaded their AWS access key and secret access key. The engineer reported the mistake to a manager, and the manager immediately disabled the access key.

The company needs to assess the impact of the exposed access key. A security engineer must recommend a solution that requires the least possible managerial overhead.

Which solution meets these requirements?

  • A. Analyze an AWS Identity and Access Management (IAM) use report from AWS Trusted Advisor to see when the access key was last used.
  • B. Analyze Amazon CloudWatch Logs for activity by searching for the access key.
  • C. Analyze VPC flow logs for activity by searching for the access key.
  • D. Analyze a credential report in AWS Identity and Access Management (IAM) to see when the access key was last used.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by oioi at Nov. 23, 2023, 8:40 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
de1612d
3 weeks, 5 days ago
Selected Answer: D
D. Analyze the AWS Identity and Access Management (IAM) credential report to determine the last time the access key was used.The AWS IAM credential report provides detailed information about the last usage date and time of access keys for each IAM user, as well as their status (active/inactive). By using this report, you can quickly and efficiently verify whether the exposed access key was used. Reason for low administrative overhead: The IAM credential report can be easily generated via the AWS Management Console or CLI, allowing direct access to the key's usage details without requiring additional setup or complex analysis.
upvoted 1 times
...
46e75dd
3 months ago
Selected Answer: B
With Credentials Report you will get when last used. However, to gain insights about what were the keys used for you'll have to look at the API calls made using those keys. Hence, you should use cloudtrail.
upvoted 2 times
...
Just_Ninja
11 months ago
Selected Answer: D
If we will get an Hint in the Question like Business or Enterprise Support, then i will choose A. But here is no Hint, so D ist the best Solution.
upvoted 1 times
...
Davidng88
11 months, 1 week ago
Selected Answer: A
AWS Trusted Advisor provides a comprehensive IAM use report that includes details on when access keys were last used. This report can quickly help you determine if the exposed key was used after it was uploaded to the public repository.
upvoted 1 times
NSA_Poker
10 months, 2 weeks ago
TrustAdvisor can just notify you if your key is exposed and also check for existence of IAM user to discourage root access https://docs.aws.amazon.com/awssupport/latest/user/trusted-advisor-check-reference.html#exposed-access-keys access_key_1_last_used_date is a column in the credential report CSV file. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html#:~:text=access_key_1_last_used_date
upvoted 1 times
...
...
Sodev
1 year, 4 months ago
"The company needs to assess the impact of the exposed access key" is not right sentence. IAM credential report only show, last active, last active region. It is not show what resource or API is called after exposing keys. => To "Assess the impact" need analyzer Cloudtrail logs.
upvoted 1 times
...
ion_gee
1 year, 4 months ago
Selected Answer: D
D is the best Answer. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html B is not a good answer in this scenario because cloudwatch should be used for monitoring and analyzing log data, and the access key may not be in plaintext due to security reasons. CloudWatch would be more useful for monitoring specific application or system activity rather than tracking the usage of an exposed access key.
upvoted 1 times
...
Raphaello
1 year, 5 months ago
Selected Answer: B
Best answer is B. The ask is to " assess the impact of the exposed access key", which mean how the exposed access key has been used. Credential report does not include such information, it includes information about the credential itself..when it was created, last used, last changed. Not useful to assess the impact.
upvoted 3 times
...
brpjp
1 year, 7 months ago
Selected Answer: B is correct. Question is to analyze impact of exposed access key. From credential report you know only key last used, but not able to determine how many times key used and what activities performed.
upvoted 1 times
...
rahav
1 year, 8 months ago
Selected Answer: D
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html
upvoted 2 times
...
3633f8f
1 year, 8 months ago
Selected Answer: D
Least effort.
upvoted 2 times
...
kejam
1 year, 8 months ago
Selected Answer: D
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html
upvoted 2 times
...
[Removed]
1 year, 8 months ago
Selected Answer: D
D 99.999999% sure
upvoted 3 times
...
oioi
1 year, 9 months ago
Selected Answer: D
correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel