During a security incident, you need to capture forensics data from a compromised EC2 instance. Which AWS services and features would you use to ensure the integrity and availability of the forensic data? Describe the process.

Simulated

Explanation:

To ensure the integrity and availability of forensic data, it is best to store the data in an isolated forensic account, which enhances security by isolating sensitive data. Using S3 Object Lock ensures that the data cannot be altered or deleted, providing immutable storage for forensic evidence.

Powered ByGPT-5

AWS Certified Security - Specialty

Get started today

During a security incident, you need to capture forensics data from a compromised EC2 instance. Which AWS services and features would you use to ensure the integrity and availability of the forensic data? Describe the process.