You work as a Systems administrator in a company. Your company manages thousands of EC2 Instances. There is a mandate to ensure that all servers are free from any critical security flaws. Which of the following can be done to ensure this? Choose 2 answers from the options given below.

Answer options:

A.Use AWS Config to ensure that the servers have no critical flaws.
B.Use AWS Inspector to ensure that the servers have no critical flaws.
C.Use AWS Inspector to patch the servers
D.Use AWS SSM to patch the servers

Correct Answers: B and D
The AWS Documentation mentions the following on AWS Inspector.
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for vulnerabilities or deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of detailed assessment reports available via the Amazon Inspector console or API.
Once you understand the list of servers that require critical updates, you can rectify them by installing the required patches via the SSM tool.
Option A is invalid because the AWS Config service is not used to check the vulnerabilities on servers.
Option C is invalid because the AWS Inspector service is not used to patch servers.
For more information on AWS Inspector, please visit the following URL-
https://aws.amazon.com/inspector/
For more information on the Systems Manager, please visit the following URL-
https://docs.aws.amazon.com/systems-manager/latest/APIReference/Welcome.html