Q26 — AWS SCS-C02 Ch.1
Question 26 of 100
An engineer uploaded their AWS access key and secret access key. The engineer reported the mistake to a manager, and the manager immediately disabled the access key. The company needs to assess the impact of the exposed access key. A security engineer must recommend a solution that requires the least possible managerial overhead. Which solution meets these requirements?
- A. Analyze an AWS Identity and Access Management (IAM) use report from AWS Trusted Advisor to see when the access key was last used.
- B. Analyze Amazon CloudWatch Logs for activity by searching for the access key.
- C. Analyze VPC flow logs for activity by searching for the access key.
- D. Analyze a credential report in AWS Identity and Access Management (IAM) to see when the access key was last used. ✓
Correct Answer: D. Analyze a credential report in AWS Identity and Access Management (IAM) to see when the access key was last used.
Explanation
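The AWS credential report provides detailed information about IAM users and their access keys, including when each key was last used, and it can be generated directly with no additional configuration. The official Amazon documentation states that the IAM credential report includes the last-used timestamp for access keys. Option A's Trusted Advisor mainly checks for unused keys rather than history. Options B and C require specific logging to be enabled in advance and queries to be written, which adds operational complexity. Option D obtains the required information directly through a built-in IAM feature, with the lowest management overhead.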