Computer Hacking Forensic Investigator (CHFI v10) — Question 455

A mid-sized enterprise recently suffered a security breach in their AWS-hosted application. The responsibility for identifying the source and cause of this breach falls under the purview of the internal security team. Based on the AWS shared responsibility model, which of the following would be the appropriate action for the team?

Answer options

• A. Investigate AWS's underlying infrastructure including hardware and databases for security flaws
• B. Audit the application security and IAM configurations within the enterprise's AWS services
• C. Conduct a full review of AWS’s global infrastructure including regions, availability zones, and edge locations
• D. Check for security vulnerabilities in AWS container services' OS and application platform

Correct answer: B

Explanation

The correct answer is B because the internal security team is responsible for the security of the application and its configurations within AWS services. Options A, C, and D incorrectly imply that the team should investigate AWS's infrastructure, which is managed by AWS, rather than focusing on the enterprise's own application and IAM settings.