Which of the following is NOT a best practice for carrying out a security audit?
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - A.
The AWS Documentation mentions the following.
You should audit your security configuration in the following situations:
On a periodic basis.
If there are changes in your organization, such as people leaving.
If you have stopped using one or more individual AWS services.
This is important for removing permissions that users in your account no longer need.
If you've added or removed software in your accounts, such as applications on Amazon EC2 instances, AWS OpsWorks stacks, AWS CloudFormation templates, etc.
If you ever suspect that an unauthorized person might have accessed your account.
Option B is invalid because conducting audits when new instances are added to your account is good security practice.
Option C is invalid because if you feel unauthorized access has occurred for your account, then, by all means, conduct a security audit.
Option D is invalid because whenever there are any sort of changes in an organization, you should conduct a security audit.
For more information on Security Audit guideline, please visit the below URL.
https://docs.aws.amazon.com/general/latest/gr/aws-security-audit-guide.htmlThe correct answer is A. Only conduct an audit periodically.
A security audit is a process of evaluating the security of an organization's systems and infrastructure. It is an essential activity that helps identify vulnerabilities, risks, and threats to the organization's security posture. Conducting regular security audits is a best practice for maintaining a secure environment. However, conducting an audit periodically is not enough. The other options listed are all valid reasons for carrying out a security audit.
B. Conduct an audit if application instances have been added to your account. Whenever new application instances are added to your account, it is essential to conduct a security audit to ensure that they are secure and comply with your organization's security policies.
C. Conduct an audit if you ever suspect that an unauthorized person might have accessed your account. If you ever suspect that an unauthorized person might have accessed your account, it is critical to conduct a security audit immediately. This will help you identify any security breaches and take appropriate action to mitigate them.
D. Wherever there are changes in your organization, such as people leaving. Whenever there are changes in your organization, such as people leaving, it is necessary to conduct a security audit to ensure that there are no security gaps or vulnerabilities in your systems and infrastructure.
In summary, while it is essential to conduct regular security audits, it is also crucial to conduct audits when changes occur, or there is a suspected security breach or vulnerability.