SCS-C02 Threat Detection and Incident Response • Set 12
SCS-C02 Threat Detection and Incident Response Practice Test 12 — 15 questions with explanations. Free, no signup.
A security engineer is setting up automated incident response for a compromised IAM user. The engineer wants to automatically revoke the user's access keys and attach a deny-all policy when a GuardDuty finding of type 'UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration' is generated. Which services should be used to achieve this automation?