SSCP • Practice Test 10
Free SSCP practice test — 10 questions with explanations. Set 10. No signup required.
A company uses AWS for critical workloads. An analyst notices unauthorized API calls from an IP address outside the company. The logs show that the attacker used stolen access keys belonging to an IAM user with administrative privileges. The incident response team must contain the breach as quickly as possible. The analyst has access to the AWS Management Console and can use the CLI. The team is following the incident response plan. Which action should be taken FIRST to prevent further unauthorized actions?