Free Preparation Discussions
MENU
Eccouncil 312-97 Exam - Topic 2 Question 9 Discussion
Topic #: 2
(George Lennon is working as at InfoWorld Pvt. Solution as a DevSecOps engineer. His colleague, Sarah Mitchell, is a senior software developer. George told her to participate in a bug bounty program conducted by AWS for python and Java code developers. He informed Sarah that the challenge is a fun-based solution for bashing bugs, encouraging team building, and bringing friendly competition to enhance the quality of the code and application performance. Acting on George's advice, Sarah participated in the bug bounty program and scored the highest points in the challenge, and she received a reward of $10,000. Based on the given information, which of the following bug bounty programs did Sarah participate?.)
The description matches AWS BugBust, which AWS positions as a gamified, team-based bug fixing challenge rather than a classic external ''bug bounty'' for finding vulnerabilities in AWS itself. The key hints are ''fun-based solution for bashing bugs,'' ''encouraging team building,'' and ''friendly competition,'' along with scoring points and awarding prizes. BugBust focuses on improving code quality by motivating developers to find and fix issues (often via static analysis findings) in languages like Java and Python. Participants earn points for remediations and compete on leaderboards, which aligns directly with Sarah ''scored the highest points'' and received a cash reward. The other names (BugFixer, BugFinder, BugHunt) are plausible-sounding but do not match the commonly referenced AWS gamified program described. In a DevSecOps context, this type of program supports culture by incentivizing secure coding habits, encouraging shared ownership of quality, and making remediation visible and rewarding across the engineering team.
Erick
4 days ago