What should be done before performing a security test on a public cloud environment? (Choose two)
A. Inform the Cloud Provider
B. Review the Contract
C. Migrate the Resources into Maintenance Mode
D. Nothing - You Own the Resources So You Can Test Whenever You Want



Answer :

Answer: A. Inform the Cloud Provider and B. Review the Contract

Explanation:

Before performing a security test on a public cloud environment, it is important to consider the following steps:

  • A. Inform the Cloud Provider: It is crucial to inform the cloud provider about your intention to conduct security testing. This helps ensure compliance with their policies and avoids unintended consequences, such as triggering automated security measures or violating terms of service.
  • B. Review the Contract: Reviewing the contract with the cloud provider is essential to understand any specific clauses or limitations related to security testing. Some contracts may have restrictions on the types of tests, timing, or procedures allowed.

Therefore, the correct options are A. Inform the Cloud Provider and B. Review the Contract. These steps help ensure that security testing is conducted in a manner that aligns with the cloud provider's policies and contractual agreements.