A company runs workloads on Amazon EC2 instances. The company needs to continually scan the EC2 instances for software vulnerabilities and unintended network exposure.
Which solution will meet these requirements?
A.
Use Amazon Inspector. Set the scan mode to hybrid scanning.
B.
Use Amazon GuardDuty. Enable the Malware Protection feature.
C.
Use Amazon Inspector. Enable the Malware Protection feature.
D.
Use Amazon GuardDuty. Enable the Runtime Monitoring feature.
Comprehensive and Detailed Explanation From Exact Extract:
Amazon Inspector offers automated, continuous vulnerability scanning for Amazon EC2 instances. The new version includes Malware Protection, which scans for malicious software as part of its inspection process.
This capability enables both detection of software vulnerabilities and malicious activity (like viruses or rootkits), thus covering both parts of the requirement: vulnerabilities and unintended network exposure.
This falls under Infrastructure Security and aligns with recommended practices for securing compute resources on AWS.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit