Answer-first summary for fast verification
Answer: Configure Amazon Inspector to detect vulnerabilities on the EC2 instances. Install the Amazon CloudWatch Agent to capture system logs and record them via Amazon CloudWatch Logs.
The correct answer is D. Amazon Inspector is designed to detect software vulnerabilities and unintended network exposure in AWS workloads such as Amazon EC2. Alongside, the Amazon CloudWatch Agent can capture system logs and record them via Amazon CloudWatch Logs, providing a comprehensive audit trail of login activities. This combination meets both requirements of vulnerability detection and audit trail maintenance.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company seeks to enhance the security of their EC2 instances by receiving notifications of newly discovered vulnerabilities and maintaining a comprehensive audit trail of all login activities. Which combination of AWS services and agents should they implement to achieve these security objectives?
A
Use AWS Systems Manager to detect vulnerabilities on the EC2 instances. Install the Amazon Kinesis Agent to capture system logs and deliver them to Amazon S3.
B
Use AWS Systems Manager to detect vulnerabilities on the EC2 instances. Install the Systems Manager Agent to capture system logs and view login activity in the CloudTrail console.
C
Configure Amazon CloudWatch to detect vulnerabilities on the EC2 instances. Install the AWS Config daemon to capture system logs and view them in the AWS Config console.
D
Configure Amazon Inspector to detect vulnerabilities on the EC2 instances. Install the Amazon CloudWatch Agent to capture system logs and record them via Amazon CloudWatch Logs.
No comments yet.