A company had one of its Amazon EC2 key pairs compromised. A Security Engineer must identify which current Linux EC2 instances were deployed and used the compromised key pair. How can this task be accomplished?
A) Obtain the list of instances by directly querying Amazon EC2 using: aws ec2 describe-instances --filters "Name=key-name,Values=KEYNAMEHERE" . Obtain the list of instances by directly querying Amazon EC2 using: aws ec2 describe-instances --filters "Name=key-name,Values=KEYNAMEHERE" .
B) Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in the Amazon Inspector logs.
C) Obtain the output from the EC2 instance metadata using: curl http://169.254.169.254/latest/meta-data/public-keys/0/ . Obtain the output from the EC2 instance metadata using: curl http://169.254.169.254/latest/meta-data/public-keys/0/
D) Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in Amazon CloudWatch Logs using: aws logs filter-log-events . Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in Amazon CloudWatch Logs using: aws logs filter-log-events
Correct Answer:
Verified
Q155: An Application Developer is using an AWS
Q156: A company's Developers plan to migrate their
Q157: AWS CloudTrail is being used to monitor
Q158: A company is developing a highly resilient
Q159: A Security Engineer discovers that developers have
Q161: A company's Security Engineer has been tasked
Q162: A company has an application hosted in
Q163: An organization wants to log all AWS
Q164: A company recently performed an annual security
Q165: After multiple compromises of its Amazon EC2
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents