Your organization has detected a compromised Amazon EC2 instance. Describe the steps you would take to automate the remediation process using AWS Lambda and AWS Systems Manager Runbooks. Include how you would trigger the Lambda function and the actions the Runbook would perform.

Simulated

Trigger the Lambda function via a CloudWatch alarm; the Runbook isolates the EC2 instance by detaching its security group.

28.6%

Manually invoke the Lambda function; the Runbook stops the EC2 instance and creates an EBS snapshot.

14.3%

Use EventBridge to trigger the Lambda function; the Runbook terminates the EC2 instance and audits its logs.

57.1%

Schedule the Lambda function with CloudWatch Events; the Runbook reboots the EC2 instance and audits its network traffic.

0.0%

AWS Certified Security - Specialty