SCS-C02 • Practice Test 15
Free SCS-C02 practice test — 15 questions with explanations. Set 15. No signup required.
Your company has a serverless application using AWS Lambda, Amazon API Gateway, and Amazon DynamoDB. The security team enabled AWS CloudTrail and Amazon GuardDuty. GuardDuty generates a finding 'Recon:EC2/PortProbeUnprotectedPort' for an EC2 instance that does not exist in the account. Upon investigation, you realize that the finding is triggered by a misconfigured Network Load Balancer (NLB) that is exposing a port to the internet. The NLB is used by the API Gateway. You need to reduce false positives for this specific finding. What should you do?