Answer-first summary for fast verification
Answer: AWS Inspector
## Explanation **AWS Inspector** is the correct answer because it is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It automatically assesses applications for vulnerabilities or deviations from best practices, including: - **Security recommendations** for unprotected S3 buckets - **Cost optimization** by identifying unused or underutilized EC2 instances - Network accessibility issues - Application vulnerabilities **AWS CloudTrail** (Option A) is primarily a logging service that records AWS API calls and delivers log files, but it doesn't provide proactive security and cost optimization recommendations like identifying unused EC2 instances or unprotected S3 buckets. **Key differences:** - **AWS Inspector**: Proactive security assessment and recommendations - **AWS CloudTrail**: API activity logging and monitoring The service that specifically provides security and cost optimization recommendations for unused EC2 instances and unprotected S3 buckets is **AWS Trusted Advisor**, but since it's not listed among the options, AWS Inspector is the closest match as it provides security assessments and recommendations.
Author: Ritesh Yadav
Ultimate access to all questions.
No comments yet.