AWS Certified Cloud Practitioner

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company wants to identify unintended network accessibility and vulnerabilities on Amazon EC2 instances. Which AWS service can the company use to meet this requirement?

Real Exam

Community

RRitesh

Last updated: December 2, 2025 at 18:03

Amazon Inspector

AWS Config

AWS Trusted Advisor

AWS Shield

Explanation:

Amazon Inspector is the correct answer because it is specifically designed for automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It automatically assesses applications for vulnerabilities or deviations from best practices, including unintended network accessibility on EC2 instances.

Why other options are incorrect:

AWS Config: This service provides resource inventory, configuration history, and configuration change notifications to enable security and governance, but it doesn't specifically identify vulnerabilities or unintended network accessibility.
AWS Trusted Advisor: This service provides real-time guidance to help provision resources following AWS best practices, but it focuses more on cost optimization, performance, security, and fault tolerance rather than vulnerability scanning.
AWS Shield: This is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS, but it doesn't identify vulnerabilities or unintended network accessibility.

Amazon Inspector works by installing an agent on EC2 instances that continuously monitors for software vulnerabilities and unintended network exposure, making it the ideal choice for this requirement.

Powered ByGPT-5.2

Comments

Loading comments...