AWS Certified SysOps Administrator – Associate (legacy) — Question 612

A company recently migrated from a third-party security application to Amazon Inspector. A sysops administrator discovered that a list of security findings is missing for some Amazon EC2 instances.
Which action will resolve this problem?

Answer options

• A. Generate the missing security findings list manually by logging in to the affected EC2 instances and running CLI commands.
• B. Log in to the affected EC2 instances. Download and install the Amazon Inspector agent from AWS Marketplace on each instance.
• C. Use a network reachability package to analyze network configurations to find security vulnerabilities on the affected EC2 instances.
• D. Verify that the Amazon Inspector agent is installed and running on the affected instances. Restart the Amazon Inspector agent.

Correct answer: C

Explanation

Amazon Inspector uses a network reachability rules package to analyze network configurations and detect security vulnerabilities without requiring an agent. Utilizing this package allows the administrator to generate the missing findings for the affected EC2 instances. Other options are incorrect because manual CLI generation is not supported, and installing or restarting the agent from the AWS Marketplace is not the correct troubleshooting path for agentless network assessments.