ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
An e-commerce company hosts its MySQL database on Amazon RDS with daily automated snapshots. After a faulty application deployment corrupts several critical tables, customers are unable to complete purchases. To implement an effective corrective control and restore normal operations with the least data loss, what should the security practitioner do first?
Create granular IAM roles that restrict the application's ability to update database tables going forward.
Convert the existing RDS instance to multi-AZ to replicate data to a standby and improve fault tolerance.
Enable Amazon GuardDuty to monitor the account and generate security findings related to the compromised database.
Restore the most recent automated snapshot to a new RDS instance, verify data integrity, and redirect production traffic to the restored database.
Corrective controls aim to remediate the impact of an incident and return systems to a known-good state. Restoring the most recent automated RDS snapshot to a new instance, validating data integrity, and then redirecting production traffic reverses the corruption and minimizes data loss. Converting the existing instance to multi-AZ only improves availability-any corruption would replicate to the standby, so it does not correct the problem. Creating tighter IAM roles is a preventative measure that might stop future issues but does not fix the current data damage. Enabling Amazon GuardDuty is a detective control that monitors for threats; it does not restore the database. Therefore, restoring from backup is the appropriate corrective action.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Amazon RDS automated snapshots?
Open an interactive chat with Bash
How does multi-AZ replication in Amazon RDS work?
Open an interactive chat with Bash
What is a corrective control in information security?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .