Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. SCS-C02 Discussions
  6. SCS-C02 Exam Topic 15 Question 144 Discussion
 Amazon Web Services Discussions
Exam SCS-C02 All Questions
Exam SCS-C02 All Questions

View all questions & answers for the SCS-C02 exam

Go to Exam

Amazon Web Services AWS Certified Specialty SCS-C02 Question # 144 Topic 15 Discussion

SCS-C02 Exam Topic 15 Question 144 Discussion:
Question #: 144
Topic #: 15

Amazon GuardDuty has detected communications to a known command and control endpoint from a company's Amazon EC2 instance. The instance was found to be running a vulnerable version of a common web framework. The company's security operations team wants to quickly identity other compute resources with the specific version of that framework installed.

Which approach should the team take to accomplish this task?
A.

Scan all the EC2 instances for noncompliance with IAM Config. Use Amazon Athena to queryIAM CloudTrail logs for the framework installation

B.

Scan all the EC2 instances with the Amazon Inspector Network Reachability rules package to identity instances running a web server with RecognizedPortWithListener findings

C.

Scan all the EC2 instances with IAM Systems Manager to identify the vulnerable version of the web framework

D.

Scan an the EC2 instances with IAM Resource Access Manager to identify the vulnerable version of the web framework

Get Premium SCS-C02 Questions
Actual exam question for Amazon Web Services SCS-C02 exam by Kai9910 at May 4, 2026, 2:00:47 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit