
Explanation:
The correct answer is D. Amazon Inspector is designed to scan EC2 instances for vulnerabilities, providing an in-depth analysis of potential security issues. AWS Systems Manager Patch Manager allows you to automate the process of patching EC2 instances on a regular schedule. By combining these two services, you can ensure that your EC2 instances are regularly scanned for vulnerabilities and patched accordingly. Options A, B, and C do not provide a comprehensive and integrated solution for both scanning and patching EC2 instances with detailed reporting as required.
How can a solutions architect ensure regular security scanning and patching of a large fleet of Amazon EC2 instances, along with reporting on each instance's patch status?
A. Using Amazon Macie for scanning and cron jobs for patching.
B. Enabling Amazon GuardDuty for scanning and AWS Systems Manager Session Manager for patching.
C. Deploying Amazon Detective for scanning with Amazon EventBridge for scheduling patches.
D. Activating Amazon Inspector for scanning and leveraging AWS Systems Manager Patch Manager for automated patching.