An organization is setting up their website on AWS. The organization is working on various
security measures to be performed on the AWS EC2 instances. Which of the below mentioned
security mechanisms will not help the organization to avoid future data leaks and identify security
weaknesses?
A.
Run penetration testing on AWS with prior approval from Amazon.
B.
Perform SQL injection for application testing.
C.
Perform a Code Check for any memory leaks.
D.
Perform a hardening test on the AWS instance.
Explanation:
AWS security follows the shared security model where the user is as much responsible as
Amazon. Since Amazon is a public cloud it is bound to be targeted by hackers. If an organization
is planning to host their application on AWS EC2, they should perform the below mentioned
security checks as a measure to find any security weakness/data leaks:
Perform penetration testing as performed by attackers to find any vulnerability. The organization
must take an approval from AWS before performing penetration testing Perform hardening testing
to find if there are any unnecessary ports open Perform SQL injection to find any DB security
issues
The code memory checks are generally useful when the organization wants to improve the
application performance.
http://aws.amazon.com/security/penetration-testing/
Answer: D
Explanation:
AWS security follows the shared security model where the user is as much responsible as Amazon. Since Amazon is a public cloud it is bound to be targeted by hackers. If an organization is planning to host their application on AWS EC2, they should perform the below mentioned security checks as a measure to find any security weakness/data leaks:
Perform penetration testing as performed by attackers to find any vulnerability. The organization must take an approval from AWS before performing penetration testing
Perform hardening testing to find if there are any unnecessary ports open Perform SQL injection to find any DB security issues
The code memory checks are generally useful when the organization wants to improve the application performance.
Reference: http://aws.amazon.com/security/penetration-testing/
0
0
Answer C.
Explanation
AWS security follows the shared security model where the user is as much responsible as Amazon. Since Amazon is a public cloud it is bound to be targeted by hackers. If an organization is planning to host their application on AWS EC2, they should perform the below mentioned security checks as a measure to find any security weakness/data leaks:
• Perform penetration testing as performed by attackers to find any vulnerability. The organization must take an approval from AWS before performing penetration testing
• Perform hardening testing to find if there are any unnecessary ports open
• Perform SQL injection to find any DB security issues
The code memory checks are generally useful when the organization wants to improve the application performance.
3
0
Answer C.
The code memory checks are generally useful when the organization wants to improve the application performance.
3
0