The Security Engineer is managing a traditional three-tier web application that is running on Amazon EC2 instances. The application has become the target of inc...

The Security Engineer is managing a traditional three-tier web application that is running on Amazon EC2 instances. The application has become the target of increasing numbers of malicious attacks from the Internet.
What steps should the Security Engineer take to check for known vulnerabilities and limit the attack surface? (Choose two.)