Home › Forums › AWS › AWS Certified DevOps Engineer Professional › DOP- Review Mode Set 2
-
The question here clearly states that the application needs to be assessed, not the architecture. In this scenario, CodeGuru should be used to assess the code for the application for vulnerabilities, So far in this course and in this practice exam what I have learned is, amazon inspector is for scanning the architecture not the applications on the instances.
-
Hello AnkitPanchotiya,
Thank you for your feedback. It’s important to differentiate between assessing the application code and the overall application environment. The question specifies the need to assess applications for exposure, vulnerabilities, and deviations from AWS best practices.
- Amazon CodeGuru: Primarily focuses on code reviews and performance recommendations, making it ideal for assessing the application code.
- Amazon Inspector: Designed to assess the security and compliance of applications running on EC2 instances, including identifying vulnerabilities and deviations from best practices in the application environment.
Given the broader scope of the question, which includes assessing the application environment, Amazon Inspector is the most suitable for this scenario. It provides a comprehensive assessment of the application’s security posture, covering both the infrastructure and the application running on it.
I hope this helps!
Regards,
JR @ Tutorials Dojo-
-
No worries, AnkitPanchotiya! We’re here to assist you.
-
Log in to reply.