SCS-C02 Security Logging and Monitoring • Set 19
SCS-C02 Security Logging and Monitoring Practice Test 19 — 15 questions with explanations.
A company uses Amazon GuardDuty to monitor for threats. The security team receives a high-severity finding: 'UnauthorizedAccess:EC2/SSHBruteForce'. The finding indicates a single EC2 instance with a public IP is receiving SSH connection attempts from multiple external IPs. The instance is part of an Auto Scaling group and is fronted by an Application Load Balancer (ALB). The security team wants to block the attacking IPs without disrupting legitimate traffic. What is the MOST effective approach?