AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
Your organization has experienced a security incident that has affected its AWS environment. As an AWS Certified Security - Specialty professional, you are tasked with recovering the affected services and restoring normal operations. Describe the steps you would take to recover the services after the incident and ensure the integrity and availability of the affected services.
Explanation:
Option A is the most appropriate initial step in recovering the affected services after a security incident. Restoring the services from backups taken before the incident can help ensure the integrity and availability of the services and minimize downtime. While rebuilding the services from scratch (Option B) can be considered if the extent of the compromise is unknown or extensive, it may not be the most efficient approach in all cases. Implementing additional security measures (Option C) and conducting a post-incident review (Option D) are also important steps in the recovery process, but restoring the services from backups should be the first priority to restore normal operations.