AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company wants to identify unintended network accessibility and vulnerabilities on Amazon EC2 instances. Which AWS service can the company use to meet this requirement?
Real Exam
Community
RRitesh
A
Amazon Inspector
B
AWS Config
C
AWS Trusted Advisor
D
AWS Shield
Explanation:
Explanation
Amazon Inspector is the correct service for this requirement because:
-
Vulnerability Assessment: Amazon Inspector automatically assesses Amazon EC2 instances for software vulnerabilities and unintended network exposure
-
Network Reachability Analysis: It analyzes the security groups and network configurations to identify unintended network accessibility
-
Automated Security Scanning: It provides automated security assessments to help identify security vulnerabilities
-
EC2 Instance Focus: Specifically designed to assess the security state of EC2 instances
Why other options are incorrect:
-
AWS Config: Focuses on resource configuration compliance and auditing, not vulnerability scanning
-
AWS Trusted Advisor: Provides cost optimization, performance, and security best practice recommendations, but not detailed vulnerability scanning
-
AWS Shield: A DDoS protection service, not a vulnerability assessment tool
Amazon Inspector generates detailed findings with severity levels and remediation steps, making it ideal for identifying security vulnerabilities and unintended network access on EC2 instances.
Comments
Loading comments...