Question
Question #2 Looking at the network diagram below, please identify three risks (taken from the 2017 OWASP Top 10 list) that could negatively affect the website. For each proposed risk provide remediation steps that could be taken.
[Network diagram, labels recovered from the image: media yourApp.com (Static data), Amazon Route 53 Hosted Zone, Amazon CloudFront, Elastic Load Balancer, Amazon EC2 Instances, Amazon CloudWatch Alarms, Amazon S3 Bucket, two Web Servers in an Auto Scaling Group, Amazon SNS Notifications, two App Servers (App Tier), Amazon DynamoDB Tables, two caches (ElastiCache), Amazon RDS, Amazon SES Email, Region]
Explanation / Answer
First of all, if we look carefully at the diagram, we see that there is no firewall present in the whole setup, and that is the most important security control missing from this diagram. So any inbound as well as outbound traffic can easily pass into the network and exploit the resources. This is subject to high security threats, and any attacker can easily hack your whole network.
In order to mitigate this, a security group and security group rules must be implemented such that only trusted traffic can enter the network. This firewall will block the traffic that falls under the deny rule of the security group.
Secondly, another chance of a security threat concerns the use of a proper Virtual Private Cloud, or VPC. The EC2 instances as well as the RDS database reside in the VPC, and the S3 bucket resides outside of the VPC. Here, in this scenario, both availability zones reside in the same VPC. It would be better to use a different VPC for each availability zone; linking them can then provide better security than this scenario.
Thirdly, another level of security is missing, namely the Access Control List. The ACL will enable the user to manage as well as access buckets and objects. Each and every resource must have a proper ACL attached. The Access Control List defines the access granted to the resources present in the AWS account. Configure a proper ACL for each resource; that will certainly make your whole environment more secure.
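An added example, not part of the original answer: a Python check over security group data in the shape returned by `aws ec2 describe-security-groups`, flagging ingress rules that are open to the whole internet on ports a tier should not expose. The group names, IDs, ports and the policy that only port 443 on the web tier may be world-reachable are assumptions made for illustration.

```python
import ipaddress

# Constructed sample, shaped like `aws ec2 describe-security-groups` output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web-example", "GroupName": "web-tier", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-app-example", "GroupName": "app-tier", "IpPermissions": [
        # Source is another security group, not a CIDR: only the web tier gets in.
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-web-example"}]}]},
    {"GroupId": "sg-db-example", "GroupName": "rds-tier", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

# Assumed policy: only HTTPS on the web tier may be reachable from anywhere.
PUBLIC_OK = {"web-tier": {443}}


def port_set(perm):
    """Ports covered by a rule, or None when it covers every port/protocol."""
    if perm["IpProtocol"] == "-1" or "FromPort" not in perm:
        return None
    return set(range(perm["FromPort"], perm["ToPort"] + 1))


def audit(groups, public_ok=PUBLIC_OK):
    """Return (group, ports, cidr) for each world-open rule outside the policy."""
    findings = []
    for group in groups:
        allowed = public_ok.get(group["GroupName"], set())
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            ports = port_set(perm)
            for cidr in cidrs:
                if ipaddress.ip_network(cidr).prefixlen != 0:
                    continue  # restricted source range, not world-open
                if ports is None or not ports <= allowed:
                    label = "all" if ports is None else f"{perm['FromPort']}-{perm['ToPort']}"
                    findings.append((group["GroupName"], label, cidr))
    return findings


if __name__ == "__main__":
    for name, ports, cidr in audit(SAMPLE_GROUPS):
        print(f"{name}: ports {ports} open to {cidr}")
```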