A Security Administrator at a university is configuring a fleet of Amazon EC2 instances. The EC2 instances are shared among students, and non-root SSH access is allowed. The Administrator is concerned about students attacking other AWS account resources by using the EC2 instance metadata service. What can the Administrator do to protect against this potential attack?
A) Disable the EC2 instance metadata service.
B) Log all student SSH interactive session activity.
C) Implement iptables-based restrictions on the instances.
D) Install the Amazon Inspector agent on the instances.
Correct Answer:
Verified
Q122: A company had one of its Amazon
Q123: A Security Engineer has discovered that, although
Q124: A Security Engineer is setting up an
Q125: A company has enabled Amazon GuardDuty in
Q126: An organization receives an alert that indicates
Q128: A corporate cloud security policy states that
Q129: The Security team believes that a former
Q130: An organization is using Amazon CloudWatch Logs
Q131: What are the MOST secure ways to
Q132: The Security Engineer for a mobile game
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents