11d • 🙋♂️ CISSP
CISSP Practice Question (Domain 7: Security Operations - Cloud Incident Response)
A developer's leaked API key is used to spin up 400 cryptocurrency mining instances in your AWS account overnight. The monthly bill is now $180K over budget. What should the incident responder do FIRST?
A. Terminate all unauthorized instances to stop the financial bleeding
B. Rotate the compromised API key and disable the associated IAM user
C. Snapshot the instances and preserve CloudTrail logs for forensic analysis
D. Contact AWS billing to request a fraud-related credit
Come back for the answer tomorrow, or study more now!
1
23 comments
CISSP Practice Question (Domain 7: Security Operations - Cloud Incident Response)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+45
2
+41
3
+34
4
+32
5
+28
Powered by