Question 16
Domain 2: Security and ComplianceYour company is developing a critical web application in AWS, and the security of the application is a top priority. Which of the following AWS services will provide infrastructure security optimization recommendations?
Correct answer: D
Explanation
AWS Trusted Advisor provides “infrastructure security optimization recommendations” by checking your AWS environment against best practices. It is the AWS service that advises on security, including items like access permissions and configuration checks, which fits a critical web application’s security needs.
Why each option is right or wrong
A. AWS Shield.
B. AWS Management Console.
C. AWS Secrets Manager.
D. AWS Trusted Advisor.
AWS Trusted Advisor is the AWS service that performs best-practice checks across an account and flags security-related findings such as overly permissive IAM policies, exposed security groups, and MFA status. Its security checks are part of the service’s standard recommendations set, which is why it is the correct choice for infrastructure security optimization in an AWS-hosted web application.