Prev Question
Next Question

Your development team wants account-level access to production instances in order to do live debugging of a highly
secure environment. Which of the following should you do?

A.
Place the credentials provided by Amazon Elastic Compute Cloud (EC2) into a secure Amazon Sample Storage Service (S3) bucket
with encryption enabled.
Assign AWS Identity and Access Management (IAM) users to each developer so they can download the credentials file.

B.
Place an internally created private key into a secure S3 bucket with server-side encryption using customer keys and configuration
management, create a service account on all the instances using this private key, and assign IAM users to each developer so they can
download the file.

C.
Place each developer’s own public key into a private S3 bucket, use instance profiles and configuration management to create a user
account for each developer on all instances, and place the user’s public keys into the appropriate account.

D.
Place the credentials provided by Amazon EC2 onto an MFA encrypted USB drive, and physically share it with each developer so that
the private key never leaves the office.

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *