SCS-C02 Threat Detection and Incident Response • Set 2
SCS-C02 Threat Detection and Incident Response Practice Test 2: 15 questions with explanations.
A security engineer is reviewing a CloudTrail log entry (exhibit). What is the most immediate security concern indicated by this event?
Refer to the exhibit.
```
{
  "Records": [
    {
      "eventVersion": "1.08",
      "userIdentity": {
        "type": "IAMUser",
        "arn": "arn:aws:iam::123456789012:user/JohnDoe",
        "accountId": "123456789012",
        "accessKeyId": "AKIAIOSFODNN7EXAMPLE"
      },
      "eventTime": "2024-08-01T12:34:56Z",
      "eventSource": "ec2.amazonaws.com",
      "eventName": "AuthorizeSecurityGroupIngress",
      "awsRegion": "us-east-1",
      "sourceIPAddress": "203.0.113.5",
      "userAgent": "console.amazonaws.com",
      "requestParameters": {
        "groupId": "sg-0123456789abcdef0",
        "ipPermissions": {
          "items": [
            {
              "ipProtocol": "tcp",
              "fromPort": 22,
              "toPort": 22,
              "ipRanges": [
                {
                  "cidrIp": "0.0.0.0/0"
                }
              ]
            }
          ]
        }
      }
    }
  ]
}
```