AWS Certified Cloud Practitioner (CLF-C02) — Question 3

A company has deployed applications on Amazon EC2 instances. The company needs to assess application vulnerabilities and must identify infrastructure deployments that do not meet best practices.
Which AWS service can the company use to meet these requirements?

Answer options

Correct answer: B

Explanation

Amazon Inspector is specifically designed to analyze applications for vulnerabilities and provides a detailed assessment of security best practices. AWS Trusted Advisor focuses on cost optimization and performance, AWS Config monitors resource configurations, and Amazon GuardDuty is a threat detection service, making them less suitable for vulnerability assessment.