Answer-first summary for fast verification
Answer: Review the application security groups to ensure that only the necessary ports are open., Use Amazon Inspector to periodically scan the backend instances.
To address the increasing number of malicious attacks, it is critical to minimize the attack surface and check for known vulnerabilities. Option B, 'Review the application security groups to ensure that only the necessary ports are open,' helps in reducing the attack surface by ensuring that only essential ports are exposed to the internet. Option D, 'Use Amazon Inspector to periodically scan the backend instances,' is crucial for identifying and mitigating known vulnerabilities by performing regular security assessments of the EC2 instances. Together, these steps provide a more secure environment for the application.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A security engineer is tasked with managing a traditional three-tier web application deployed on Amazon EC2 instances. The application is experiencing a surge in malicious attacks from the internet. To enhance security, the engineer needs to implement two specific measures to identify and mitigate known vulnerabilities and reduce the application's exposure to attacks. What should these measures be?
A
Use AWS Certificate Manager to encrypt all traffic between the client and application servers.
B
Review the application security groups to ensure that only the necessary ports are open.
C
Use Elastic Load Balancing to offload Secure Sockets Layer encryption.
D
Use Amazon Inspector to periodically scan the backend instances.
E
Use AWS Key Management Service (AWS KMS) to encrypt all the traffic between the client and application servers.
No comments yet.