Topic 1 Question 279
A company runs workloads on Amazon EC2 instances. The company needs to continually monitor the EC2 instances for software vulnerabilities and must display the findings in AWS Security Hub. The company must not install agents on the EC2 instances.
Which solution will meet these requirements?
Enable Amazon Inspector. Set the scan mode to hybrid scanning. Enable the integration for Amazon Inspector in Security Hub.
Use Security Hub to enable the AWS Foundational Security Best Practices standard. Wait for Security Hub to generate the findings.
Enable Amazon GuardDuty. Initiate on-demand malware scans by using GuardDuty Malware Protection. Enable the integration for GuardDuty in Security Hub.
Use AWS Config managed rules to detect EC2 software vulnerabilities. Ensure that Security Hub has the AWS Config integration enabled.
ユーザの投票
コメント(1)
- 正解だと思う選択肢: A
A. inspector agentless is now GA https://docs.aws.amazon.com/inspector/latest/user/scanning-ec2.html#agentless
👍 1jdx0002024/11/27
シャッフルモード