AWS Certified Security – Specialty (SCS-C02) — Question 76
A company maintains an open-source application that is hosted on a public GitHub repository. While creating a new commit to the repository, an engineer uploaded their AWS access key and secret access key. The engineer reported the mistake to a manager, and the manager immediately disabled the access key.
The company needs to assess the impact of the exposed access key. A security engineer must recommend a solution that requires the least possible managerial overhead.
Which solution meets these requirements?
Answer options
- A. Analyze an AWS Identity and Access Management (IAM) use report from AWS Trusted Advisor to see when the access key was last used.
- B. Analyze Amazon CloudWatch Logs for activity by searching for the access key.
- C. Analyze VPC flow logs for activity by searching for the access key.
- D. Analyze a credential report in AWS Identity and Access Management (IAM) to see when the access key was last used.
Correct answer: D
Explanation
The correct answer is D. The credential report in AWS IAM provides a comprehensive overview of access key usage, including when each access key was last used, and it requires minimal management effort. Option A requires more detailed analysis and may not provide the necessary context. Options B and C rely on logs that may not directly correlate to the access key's usage, which makes them less efficient for this specific assessment.