AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which AWS service provides security and cost optimization recommendations such as unused EC2 instances or unprotected S3 buckets?
Real Exam
Community
RRitesh
A
AWS CloudTrail
B
AWS Inspector
Explanation:
Explanation
AWS Inspector is the correct answer because it is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It automatically assesses applications for vulnerabilities or deviations from best practices, including:
-
Security recommendations for unprotected S3 buckets
-
Cost optimization by identifying unused or underutilized EC2 instances
-
Network accessibility issues
-
Application vulnerabilities
AWS CloudTrail (Option A) is primarily a logging service that records AWS API calls and delivers log files, but it doesn't provide proactive security and cost optimization recommendations like identifying unused EC2 instances or unprotected S3 buckets.
Key differences:
-
AWS Inspector: Proactive security assessment and recommendations
-
AWS CloudTrail: API activity logging and monitoring
The service that specifically provides security and cost optimization recommendations for unused EC2 instances and unprotected S3 buckets is AWS Trusted Advisor, but since it's not listed among the options, AWS Inspector is the closest match as it provides security assessments and recommendations.
Comments
Loading comments...