Amazon GuardDuty has detected communications to a known command and control endpoint from a company's Amazon EC2 instance. The instance was found to be running a vulnerable version of a common web framework. The company's security operations team wants to quickly identify other compute resources with the specific version of that framework installed. Which approach should the team take to accomplish this task?
A) Scan all the EC2 instances for noncompliance with AWS Config. Use Amazon Athena to query AWS CloudTrail logs for the framework installation.
B) Scan all the EC2 instances with the Amazon Inspector Network Reachability rules package to identify instances running a web server with RecognizedPortWithListener findings.
C) Scan all the EC2 instances with AWS Systems Manager to identify the vulnerable version of the web framework.
D) Scan all the EC2 instances with AWS Resource Access Manager to identify the vulnerable version of the web framework.
Correct Answer:
Verified
Q285: A company stores images for a website
Q286: A development team is using an AWS
Q287: A company deployed an Amazon EC2 instance
Q288: A company is using AWS Organizations to
Q289: Example.com is hosted on Amazon EC2 instance
Q290: Unapproved changes were previously made to a
Q291: A company has implemented AWS WAF and
Q293: A company uses Amazon RDS for MySQL
Q294: A company has an application that uses
Q295: A developer is building a serverless application
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents