SCS-C03 · Question #82
SCS-C03 Question #82: Real Exam Question with Answer & Explanation
The correct answer is A: Scan the EC2 instances by using Amazon Inspector. Apply security patches and updates by. Amazon Inspector is a security service that helps detect vulnerabilities and unintended network exposure on Amazon EC2 instances. It automatically scans instances for known software vulnerabilities and provides recommendations to mitigate them. AWS Systems Manager Patch Manager c
Question
A security engineer is designing security controls for a fleet of Amazon EC2 instances that run sensitive workloads in a VPC. The security engineer needs to implement a solution to detect and mitigate software vulnerabilities on the EC2 instances. Which solution will meet this requirement?
Options
- AScan the EC2 instances by using Amazon Inspector. Apply security patches and updates by
- BInstall host-based firewall and antivirus software on each EC2 instance. Use AWS Systems
- CInstall the Amazon CloudWatch agent on the EC2 instances. Enable detailed logging. Use
- DScan the EC2 instances by using Amazon GuardDuty Malware Protection. Apply security patches
Explanation
Amazon Inspector is a security service that helps detect vulnerabilities and unintended network exposure on Amazon EC2 instances. It automatically scans instances for known software vulnerabilities and provides recommendations to mitigate them. AWS Systems Manager Patch Manager complements Amazon Inspector by automating the process of applying security patches and updates to maintain the security of the EC2 fleet. This combination provides a comprehensive solution for both vulnerability detection and patching, aligning with the security engineer's requirement.
Community Discussion
No community discussion yet for this question.