Your organization is planning a security assessment of its hybrid cloud infrastructure to identify potential risk exposures at the network perimeter. When preparing for edge discovery, what approach should you take to comprehensively map the exposed services on both the on-premises and cloud environments?
Employ network scanning tools to probe all assigned on-premises and cloud-based IP ranges.
Perform DNS footprinting to gather detailed information about the organizations' domain names and records.
Focus on running a comprehensive vulnerability assessment on the on-premises environment only.
Embed agents within cloud services to passively gather data on potential exposures.
Utilizing network scanning tools to probe both on-premises and cloud-based IP ranges provides a full picture of the organization's edge, uncovering any services exposed to the external environment. DNS footprinting alone would only provide information related to domain names and records but would not necessarily map all exposed services. Similarly, running a vulnerability assessment on the on-premises environment specifically disregards cloud services, which is a part of the hybrid infrastructure. Embedding agents into cloud services may offer ongoing monitoring but is not a substitute for an active edge discovery scan.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are network scanning tools, and how do they work?
Open an interactive chat with Bash
What is a hybrid cloud infrastructure?
Open an interactive chat with Bash
What is DNS footprinting and how is it relevant to security assessments?