AWS Service for Infrastructure Security Optimization Recommendations

AWS Service for Infrastructure Security Optimization Recommendations

Question

Which AWS service provides infrastructure security optimization recommendations?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Answer - C.

The AWS documentation mentions the following:

An online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS environment, Trusted Advisor provides real time guidance to help you provision your resources following AWS best practices.

For more information on the AWS Trusted Advisor, please refer to the below URL:

https://aws.amazon.com/premiumsupport/trustedadvisor/

Choices A, B, and D are incorrect.

They are not related to infrastructure security optimization.

The correct answer is C. AWS Trusted Advisor.

AWS Trusted Advisor is a service provided by AWS that offers guidance to optimize AWS infrastructure for security, cost, performance, and fault tolerance. Trusted Advisor provides real-time feedback and recommendations based on the current usage and configuration of AWS services. It leverages AWS best practices and checks for over 100 different criteria across several categories such as Cost Optimization, Performance, Security, Fault Tolerance, and Service Limits.

Regarding the specific question about infrastructure security optimization recommendations, Trusted Advisor can provide guidance on several security-related topics, including:

  • Security Groups: checks for unused and overly permissive rules in security groups.
  • IAM: evaluates the use of MFA, least privilege, unused access keys, and more.
  • Network ACLs: checks for unused and overly permissive rules in network access control lists.
  • Amazon S3: checks for publicly accessible buckets, encryption settings, and more.
  • AWS WAF: checks for outdated and unused rules, and security misconfigurations.

In summary, AWS Trusted Advisor provides security optimization recommendations by analyzing the configuration of AWS infrastructure for security vulnerabilities, and providing guidance based on AWS best practices.