ISC2 Systems Security Certified Practitioner (SSCP) Practice Question

While performing a peer code review of a Python module that will run on an AWS Lambda function, you notice the developer initialized the SDK client as follows:

import boto3
s3 = boto3.client(
    "s3",
    aws_access_key_id="AKIAEXAMPLEKEY",
    aws_secret_access_key="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
)

The source code is stored in a private GitHub repository that triggers an automated deployment pipeline. From a secure-coding and vulnerability-management standpoint, which issue should you flag as the highest priority and what remediation should you recommend?

  • No action is required because CodePipeline automatically encrypts any credentials embedded in the source during deployment.

  • Using the boto3 client interface instead of the higher-level resource interface increases exposure; switch to the resource interface to reduce risk.

  • Hard-coded AWS access keys risk credential compromise; replace them with an IAM role or retrieve them securely from AWS Secrets Manager.

  • The repository is private, so the embedded keys are protected; the only recommendation is to enable branch protection rules.

ISC2 Systems Security Certified Practitioner (SSCP)
Risk Identification, Monitoring and Analysis