You want to get a list of vulnerabilities for an EC2 Instance as per the guidelines set by the Center of Internet Security. How can you go about doing this?

Answer options:

A.Enable AWS Guard Duty for the Instance
B.Use AWS Trusted Advisor
C.Use AWS Inspector
D.Use AWS Macie

Answer is C
Option A is incorrect as GuardDuty is used for threat detection and prevention but does not provide a list of vulnerabilities as per CIS guidelines.
Option B is incorrect as AWS Trusted Advisor is generally used to optimize your AWS infrastructure, increase security and performance, reduce your overall costs, and monitor service limits. This does not provide the list of vulnerabilities as per the CIS guidelines.
Option C is correct as Amazon Inspector currently provides the CIS Certified rules packages to help establish secure configuration postures for several operating systems.
Option D is incorrect as Amazon Macie is used for cost-efficiently discovery of sensitive data at scale and does not provide what the questions asks. i.e list of vulnerabilities as per CIS guidelines
The AWS Inspector service can inspect EC2 Instances based on specific Rules. One of the rules packages is based on the guidelines set by the Center of Internet Security.
For more information on the guidelines, please refer the below URL:
https://docs.aws.amazon.com/inspector/latest/userguide/inspector_cis.html