SCS-C02 · Question #152
SCS-C02 Question #152: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #152. The question stem and answer options stay visible for context.
Question
A company uses Amazon Elastic Container Service (Amazon ECS) containers that have the Fargate launch type. The containers run web and mobile applications that are written in Java and Node.js. To meet network segmentation requirements, each of the company's business units deploys applications in its own dedicated AWS account. Each business unit stores container images in an Amazon Elastic Container Registry (Amazon ECR) private registry in its own account. A security engineer must recommend a solution to scan ECS containers and ECR registries for vulnerabilities in operating systems and programming language libraries. The company's audit team must be able to identify potential vulnerabilities that exist in any of the accounts where applications are deployed. Which solution will meet these requirements?
Options
- AIn each account, update the ECR registry to use Amazon Inspector instead of the default
- BIn each account, configure AWS Config to monitor the configuration of the ECS containers and
- CIn each account, configure AWS Audit Manager to scan the ECS containers and the ECR
- DIn each account, configure Amazon GuardDuty to scan the ECS containers and the ECR registry.
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.