Question

You have AWS Basic support, and you have discovered that some AWS resources are being used maliciously, and those resources could potentially compromise your data. What should you do?

1) Contact AWS support and report the issue
2) Disconnect the compromised resources from the network
3) Investigate the issue further on your own
4) Do nothing and hope for the best

Answer 1

In case of discovering malicious use of AWS resources, contact AWS support immediately, disconnect the compromised resources, and investigate the issue to mitigate damage. Do not ignore the situation as it can lead to further complications.

Step-by-step explanation:

If you have AWS Basic support and discover that some AWS resources are being used maliciously, the best course of action includes several steps:

1. Contact AWS support and report the issue immediately. As part of their service, they can guide you through the process of handling the security incident.
2. Disconnect the compromised resources from the network to prevent further malicious activity. This might involve taking EC2 instances offline or adjusting network access control lists (ACLs) and security groups to isolate the compromised systems.
3. Investigate the issue further on your own by gathering logs and information that could help in understanding the breach and preventing future incidents.

Choosing to do nothing is not a recommended action, as it could lead to further data compromise and security issues. The priority should be to secure your systems and mitigate any damage or potential data loss.