Become Amazon Certified with updated SCS-C02 exam questions and correct answers
A company hosts business-critical applications on Amazon EC2 instances in a VPC. The VPC uses default
DHCP options sets. A security engineer needs to log all DNS queries that internal resources make in the VPC.
The security engineer also must create a list of the most common DNS queries over time.
Which solution will meet these requirements?
A company needs to follow security best practices to deploy resources from an AWS CloudFormation
template. The CloudFormation template must be able to configure sensitive database credentials. The company already uses AWS Key Management Service (AWS KMS) and AWS Secrets Manager.
Which solution will meet the requirements?
A security engineer has created an Amazon GuardDuty detector in several AWS accounts. The accounts are in an organization in AWS Organizations. The security engineer needs centralized visibility of the security findings from the detectors.
A company deployed Amazon GuardDuty In the us-east-1 Region. The company wants all DNS logs that
relate to the company's Amazon EC2 instances to be inspected. What should a security engineer do to ensure
that the EC2 instances are logged?
© Copyrights DumpsCertify 2025. All Rights Reserved
We use cookies to ensure your best experience. So we hope you are happy to receive all cookies on the DumpsCertify.