Amazon Web Services Related Exams
SCS-C02 Exam
Key domains include:
Incident Response
Logging and Monitoring
Infrastructure Security
Identity and Access Management
Data Protection
Secure Design and Implementation
The SCS-C02 certification is all about protecting AWS environments—think encryption, access control, threat detection, and compliance. On the other hand, the ANS-C01 certification dives deep into network architecture—including hybrid setups, routing protocols, and secure connectivity.
A business stores website images in an Amazon S3 bucket. The firm serves the photos to end users through Amazon CloudFront. The firm learned lately that the photographs are being accessible from nations in which it does not have a distribution license.
Which steps should the business take to safeguard the photographs and restrict their distribution? (Select two.)
A development team is creating an open source toolset to manage a company's SaaS application. The company stores the code in a public repository so that anyone can view and download the toolset's code.
The company discovers that the code contains an IAM access key and secret key that provide access to internal resources in the company's AWS environment.
A security engineer must implement a solution to identify whether unauthorized usage of the exposed credentials has occurred. The solution also must prevent any additional usage of the exposed credentials.
Which combination of steps will meet these requirements? (Select TWO.)
An IT department currently has a Java web application deployed on Apache Tomcat running on Amazon EC2 instances. All traffic to the EC2 instances is sent through an internet-facing Application Load Balancer (ALB) The Security team has noticed during the past two days thousands of unusual read requests coming from hundreds of IP addresses. This is causing the Tomcat server to run out of threads and reject new connections
Which the SIMPLEST change that would address this server issue?