Free Amazon SCS-C02 Exam Questions

Become Amazon Certified with updated SCS-C02 exam questions and correct answers

Page:    1 / 105      
Total 522 Questions | Updated On: Mar 11, 2025
Add To Cart
Question 1

A company needs a forensic-logging solution for hundreds of applications running in Docker on Amazon EC2 The solution must perform real-time analytics on the togs must support the replay of messages and must persist the logs. Which IAM services should be used to meet these requirements? (Select TWO)


Answer: B,D
Question 2

A company in France uses Amazon Cognito with the Cognito Hosted Ul as an identity broker for sign-in and sign-up processes. The company is marketing an application and expects that all the application's users will come from France. When the company launches the application the company's security team observes fraudulent sign-ups for the application. Most of the fraudulent registrations are from users outside of France. The security team needs a solution to perform custom validation at sign-up Based on the results of the validation the solution must accept or deny the registration request. Which combination of steps will meet these requirements? (Select TWO.)


Answer: B
Question 3

A security engineer is investigating a malware infection that has spread across a set of Amazon EC2 instances. A key indicator of the compromise is outbound traffic on TCP port 2905 to a set of command and control hosts on the internet. The security engineer creates a network ACL rule that denies the identified outbound traffic. The security engineer applies the network ACL rule to the subnet of the EC2 instances. The security engineer must identify any EC2 instances that are trying to communtcate on TCP port 2905. Which solution will identify the affected EC2 instances with the LEAST operational effort?


Answer: B
Question 4

A company needs to retain tog data archives for several years to be compliant with regulations. The tog data is no longer used but It must be retained What Is the MOST secure and cost-effective solution to meet these requirements?


Answer: B
Question 5

A security vulnerability has been discovered that could lead to sensitive data being leaked on TCP port 5601. The development team is working on updating the code, but it could take several days. A security engineer must identify any hosts attempting to send data over port 5601 and prevent the traffic leaving the network.
How can the security engineer accomplish this goal?


Answer: A
Page:    1 / 105      
Total 522 Questions | Updated On: Mar 11, 2025
Add To Cart

© Copyrights DumpsCertify 2025. All Rights Reserved

We use cookies to ensure your best experience. So we hope you are happy to receive all cookies on the DumpsCertify.