An attacker wants a single technique that can uncover identity, logging, and network misconfigurations across multiple cloud accounts and provide actionable remediation advice. Which approach BEST meets this goal?
Rely solely on the cloud provider's default monitoring dashboards for configuration details.
Write a custom script that parses event logs but ignores role and network policy information.
Enable each provider's built-in metrics collection and manually review the raw data later.
Run an open-source cloud-security scanner (for example, Prowler or ScoutSuite) that evaluates IAM, logging and network controls and outputs remediation guidance.
Open-source posture-assessment tools such as Prowler or ScoutSuite call cloud-provider APIs, collect configuration data for services like IAM, CloudTrail/Logging, and VPC/Networking, compare the settings to security benchmarks, and output reports that prioritise findings and list remediation steps. A home-grown log-parsing script can miss IAM or network policies, native metrics collectors only gather raw data without analysing it, and default provider dashboards show issues for one tenant at a time and still require manual correlation across services.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Prowler or ScoutSuite in cloud security?
Open an interactive chat with Bash
Why are custom scripts not as effective as tools like Prowler or ScoutSuite?
Open an interactive chat with Bash
What are the limitations of relying on a cloud provider's default monitoring tools?