ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 175 - SCS-C02 discussion

Report
Export

A security team is using Amazon EC2 Image Builder to build a hardened AMI with forensic capabilities. An AWS Key Management Service (AWS KMS) key will encrypt the forensic AMI EC2 Image Builder successfully installs the required patches and packages in the security team's AWS account. The security team uses a federated IAM role m the same AWS account to sign in to the AWS Management Console and attempts to launch the forensic AMI. The EC2 instance launches and immediately terminates.

What should the security learn do lo launch the EC2 instance successfully

A.
Update the policy that is associated with the federated IAM role to allow the ec2. Describelmages action for the forensic AMI.
Answers
A.
Update the policy that is associated with the federated IAM role to allow the ec2. Describelmages action for the forensic AMI.
B.
Update the policy that is associated with the federated IAM role to allow the ec2 Start Instances action m the security team's AWS account.
Answers
B.
Update the policy that is associated with the federated IAM role to allow the ec2 Start Instances action m the security team's AWS account.
C.
Update the policy that is associated with the KMS key that is used to encrypt the forensic AMI. Configure the policy to allow the kms. Encrypt and kms Decrypt actions for the federated IAM role.
Answers
C.
Update the policy that is associated with the KMS key that is used to encrypt the forensic AMI. Configure the policy to allow the kms. Encrypt and kms Decrypt actions for the federated IAM role.
D.
Update the policy that is associated with the federated IAM role to allow the kms. DescribeKey action for the KMS key that is used to encrypt the forensic AMI.
Answers
D.
Update the policy that is associated with the federated IAM role to allow the kms. DescribeKey action for the KMS key that is used to encrypt the forensic AMI.
Suggested answer: C

Explanation:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/troubleshooting-launch.html#troubleshooting-launch-internal

asked 16/09/2024
Arkadi Popov
40 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first