AWS Certified SysOps Administrator – Associate (legacy) — Question 417

What can an Administrator do to monitor whether an organization's instances are compliant with corporate policies and guidelines?

Answer options

Correct answer: D

Explanation

AWS Config allows administrators to assess, audit, and evaluate the configurations of AWS resources, and AWS Config Rules can specifically monitor compliance of instance configurations and applications against defined guidelines. In contrast, instance metadata does not track installed software, AWS CloudTrail logs API calls rather than internal OS-level application states, and Amazon CloudWatch alarms do not natively track software configuration changes within instances.