AWS Certified Cloud Practitioner — Question 685

Which AWS service should a cloud practitioner use to identify security vulnerabilities of an AWS account?

Answer options

• A. AWS Secrets Manager
• B. Amazon Cognito
• C. Amazon Macie
• D. AWS Trusted Advisor

Correct answer: D

Explanation

AWS Trusted Advisor evaluates your AWS environment against best practices, including security checks to identify potential vulnerabilities and open ports. AWS Secrets Manager is designed for protecting and rotating credentials, while Amazon Cognito handles user authentication, and Amazon Macie focuses on discovering and securing sensitive data stored in Amazon S3.