Topic 1 Question 256
A security engineer is designing security controls for a fleet of Amazon EC2 instances that run sensitive workloads in a VPC. The security engineer needs to implement a solution to detect and mitigate software vulnerabilities on the EC2 instances.
Which solution will meet this requirement?
Scan the EC2 instances by using Amazon Inspector. Apply security patches and updates by using AWS Systems Manager Patch Manager.
Install host-based firewall and antivirus software on each EC2 instance. Use AWS Systems Manager Run Command to update the firewall and antivirus software.
Install the Amazon CloudWatch agent on the EC2 instances. Enable detailed logging. Use Amazon EventBridge to review the software logs for anomalies.
Scan the EC2 instances by using Amazon GuardDuty Malware Protection. Apply security patches and updates by using AWS Systems Manager Patch Manager.
ユーザの投票
コメント(1)
- 正解だと思う選択肢: A
The best solution to detect and mitigate software vulnerabilities on the EC2 instances is:
A. Scan the EC2 instances by using Amazon Inspector. Apply security patches and updates by using AWS Systems Manager Patch Manager.
Amazon Inspector: It provides automated vulnerability management for your EC2 instances. It continuously scans for vulnerabilities and deviations from best practices, giving you detailed findings and recommendations.
AWS Systems Manager Patch Manager: This tool automates the process of applying security patches and updates, ensuring your instances are always up-to-date with the latest security patches.
This combination offers a comprehensive approach to both detecting and mitigating vulnerabilities with minimal manual intervention, ensuring continuous compliance and security.
👍 1IPLogic2024/12/05
シャッフルモード