ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 156 - SCS-C02 discussion

Report
Export

A company is evaluating the use of AWS Systems Manager Session Manager to gam access to the company's Amazon EC2 instances. However, until the company implements the change, the company must protect the key file for the EC2 instances from read and write operations by any other users.

When a security administrator tries to connect to a critical EC2 Linux instance during an emergency, the security administrator receives the following error. 'Error Unprotected private key file - Permissions for' ssh/my_private_key pern' are too open'.

Which command should the security administrator use to modify the private key Me permissions to resolve this error?

A.
chmod 0040 ssh/my_private_key pern
Answers
A.
chmod 0040 ssh/my_private_key pern
B.
chmod 0400 ssh/my_private_key pern
Answers
B.
chmod 0400 ssh/my_private_key pern
C.
chmod 0004 ssh/my_private_key pern
Answers
C.
chmod 0004 ssh/my_private_key pern
D.
chmod 0777 ssh/my_private_key pern
Answers
D.
chmod 0777 ssh/my_private_key pern
Suggested answer: B

Explanation:

The error message indicates that the private key file permissions are too open, meaning that other users can read or write to the file. This is a security risk, as the private key should be accessible only by the owner of the file. To fix this error, the security administrator should use the chmod command to change the permissions of the private key file to 0400, which means that only the owner can read the file and no one else can read or write to it.

The chmod command takes a numeric argument that represents the permissions for the owner, group, and others in octal notation. Each digit corresponds to a set of permissions: read (4), write (2), and execute (1). The digits are added together to get the final permissions for each category. For example, 0400 means that the owner has read permission (4) and no other permissions (0), and the group and others have no permissions at all (0).

The other options are incorrect because they either do not change the permissions at all (D), or they give too much or too little permissions to the owner, group, or others (A, C).

Verified

Reference:

https://superuser.com/questions/215504/permissions-on-private-key-in-ssh-folder

https://www.baeldung.com/linux/ssh-key-permissions

asked 16/09/2024
Meriem Jlassi
36 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first