A Security Engineer discovered a vulnerability in an application running on Amazon ECS. The vulnerability allowed attackers to install malicious code. Analysis of the code shows it exfiltrates data on port 5353 in batches at random time intervals. While the code of the containers is being patched, how can Engineers quickly identify all compromised hosts and stop the egress of data on port 5353?
A) Enable AWS Shield Advanced and AWS WAF. Configure an AWS WAF custom filter for egress traffic on port 5353
B) Enable Amazon Inspector on Amazon ECS and configure a custom assessment to evaluate containers that have port 5353 open. Update the NACLs to block port 5353 outbound.
C) Create an Amazon CloudWatch custom metric on the VPC Flow Logs identifying egress traffic on port 5353. Update the NACLs to block port 5353 outbound.
D) Use Amazon Athena to query AWS CloudTrail logs in Amazon S3 and look for any traffic on port 5353. Update the security groups to block port 5353 outbound.
Correct Answer:
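The page does not show its answer key, but option C describes a concrete mechanism worth seeing end to end: read VPC Flow Logs for accepted flows that leave the VPC toward destination port 5353, attribute them to the source ENI/private IP, and build the stateless NACL deny entries for outbound TCP and UDP 5353. The block below is an added example (not from the original page or from AWS documentation). The flow-log lines, account ID, ENI IDs, addresses, VPC CIDR and NACL ID are all constructed; the dictionaries it builds use the parameter names of the boto3 EC2 `create_network_acl_entry` call but nothing is sent to AWS.

```python
"""Added example: find hosts pushing data out on port 5353 in VPC Flow Logs and
build the NACL entries that block that egress. All sample data is constructed."""
import ipaddress

# Default (version 2) VPC Flow Log field order.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed records (hypothetical account, ENIs and addresses):
#  - 10.0.1.15 and 10.0.2.22 send batches to an external host on 5353 (UDP and TCP)
#  - 10.0.1.40 only talks mDNS inside the VPC and does normal HTTPS
#  - 10.0.3.8 tries 5353 outbound but is already REJECTed
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 10.0.1.15 203.0.113.7 49152 5353 17 40 61440 1620000000 1620000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.15 203.0.113.7 49153 5353 17 12 18432 1620000900 1620000960 ACCEPT OK
2 123456789012 eni-0e4f5a6b 10.0.2.22 203.0.113.7 50001 5353 6 3 4608 1620001500 1620001560 ACCEPT OK
2 123456789012 eni-0c9d8e7f 10.0.1.40 10.0.1.15 5353 5353 17 2 300 1620000000 1620000060 ACCEPT OK
2 123456789012 eni-0c9d8e7f 10.0.1.40 198.51.100.9 44321 443 6 20 8000 1620000000 1620000060 ACCEPT OK
2 123456789012 eni-0b7c6d5e 10.0.3.8 203.0.113.7 51000 5353 17 1 120 1620002000 1620002060 REJECT OK
"""


def parse_flow_log(text):
    """Parse default-format (version 2) flow-log lines into dicts; skip anything else."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != len(FIELDS) or parts[0] != "2":
            continue  # header, blank line, or a custom log format
        rec = dict(zip(FIELDS, parts))
        for key in ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end"):
            rec[key] = int(rec[key]) if rec[key] != "-" else 0  # NODATA/SKIPDATA use "-"
        records.append(rec)
    return records


def find_exfil_hosts(records, vpc_cidr, port=5353):
    """Return {srcaddr: {eni, flows, bytes}} for ACCEPTed flows from inside the VPC
    to an address outside it on destination `port`. Intra-VPC 5353 (mDNS) and
    inbound flows are ignored; REJECTed flows are already blocked."""
    vpc = ipaddress.ip_network(vpc_cidr)
    hosts = {}
    for rec in records:
        if rec["action"] != "ACCEPT" or rec["dstport"] != port:
            continue
        if ipaddress.ip_address(rec["dstaddr"]) in vpc:
            continue  # stays inside the VPC: not egress
        if ipaddress.ip_address(rec["srcaddr"]) not in vpc:
            continue  # inbound flow, not one of our hosts
        entry = hosts.setdefault(
            rec["srcaddr"], {"eni": rec["interface_id"], "flows": 0, "bytes": 0})
        entry["flows"] += 1
        entry["bytes"] += rec["bytes"]
    return hosts


def nacl_deny_rules(nacl_id, port, first_rule=90):
    """Build boto3 create_network_acl_entry parameters denying outbound TCP and UDP
    to `port`. NACLs are stateless and evaluated lowest rule number first, so the
    deny entries must be numbered below the subnet's usual allow rule (100)."""
    rules = []
    for offset, proto in enumerate(("6", "17")):  # 6 = TCP, 17 = UDP
        rules.append({
            "NetworkAclId": nacl_id,  # hypothetical ID
            "RuleNumber": first_rule + offset,
            "Protocol": proto,
            "RuleAction": "deny",
            "Egress": True,
            "CidrBlock": "0.0.0.0/0",
            "PortRange": {"From": port, "To": port},
        })
    return rules


if __name__ == "__main__":
    recs = parse_flow_log(SAMPLE_LOG)
    for ip, info in sorted(find_exfil_hosts(recs, "10.0.0.0/16").items()):
        print(f"compromised {ip} ({info['eni']}): {info['flows']} flows, {info['bytes']} bytes")
    for rule in nacl_deny_rules("acl-0123456789abcdef0", 5353):
        print("ec2.create_network_acl_entry(**%r)" % rule)
```

Two caveats a responder should keep in mind: the bytes totals only tell you which hosts sent data, not how much was lost before logging started; and because the malware sends in random batches, a single ten-minute window can miss a host, so run the query over the whole exposure period rather than one capture interval. Blocking 5353 in the NACL is a containment step while the task definition is patched, not a substitute for replacing the compromised tasks.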