Q79 — AWS SCS-C02 Ch.1


A development team is creating an open source toolset to manage a company's software as a service (SaaS) application. The company stores the code in a public repository so that anyone can view and download the toolset's code. The company discovers that the code contains an IAM access key and secret key that provide access to internal resources in the company’s AWS environment. A security engineer must implement a solution to identify whether unauthorized usage of the exposed credentials has occurred. The solution also must prevent any additional usage of the exposed credentials. Which combination of steps will meet these requirements? (Choose two.)

Correct Answer: A. Use AWS Identity and Access Management Access Analyzer to determine which resources the exposed credentials accessed and who used them. B. Deactivate the exposed IAM access key from the user’s IAM account.

Explanation

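This question concerns the response to a leak of AWS credentials. The official AWS documentation states that when an IAM access key is exposed, the first action is to deactivate the key immediately (option B) to prevent further unauthorized access. AWS Identity and Access Management Access Analyzer (option A) is used to analyze resource access history and to identify the scope in which the credentials were used and the principals that used them, which meets the detection requirement. Option C is incorrect because GuardDuty itself cannot directly block use of the key; option D is a follow-up remediation measure and is unrelated to detection and blocking; the credential report in option E only provides user login times and cannot verify whether the key was used externally. The correct measures are to deactivate the key and analyze the access records.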