ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 67 - SAP-C01 discussion

Report
Export

An organization is setting up their website on AWS. The organization is working on various security measures to be performed on the AWS EC2 instances. Which of the below mentioned security mechanisms will not help the organization to avoid future data leaks and identify security weaknesses?

A.
Run penetration testing on AWS with prior approval from Amazon.
Answers
A.
Run penetration testing on AWS with prior approval from Amazon.
B.
Perform SQL injection for application testing.
Answers
B.
Perform SQL injection for application testing.
C.
Perform a Code Check for any memory leaks.
Answers
C.
Perform a Code Check for any memory leaks.
D.
Perform a hardening test on the AWS instance.
Answers
D.
Perform a hardening test on the AWS instance.
Suggested answer: C

Explanation:

AWS security follows the shared security model where the user is as much responsible as Amazon. Since Amazon is a public cloud it is bound to be targeted by hackers. If an organization is planning to host their application on AWS EC2, they should perform the below mentioned security checks as a measure to find any security weakness/data leaks:

Perform penetration testing as performed by attackers to find any vulnerability. The organization must take an approval from AWS before performing penetration testing Perform hardening testing to find if there are any unnecessary ports open Perform SQL injection to find any DB security issues The code memory checks are generally useful when the organization wants to improve the application performance.

Reference: http://aws.amazon.com/security/penetration-testing/

asked 16/09/2024
ola adekanbi
38 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first