To protect applications against security attacks and monitor the security state of AWS resources, you plan to configure several security tools in your AWS account, including Amazon Inspector and Amazon GuardDuty. There are multiple requirements from the security team. For which of the following requirements should Amazon Inspector be used?

Answer options:

A.Verify whether EC2 instances in the AWS environment are exposed to common vulnerabilities and exposures (CVEs).
B.Alert the team if an EC2 instance is querying an IP address that is associated with Bitcoin activities.
C.Check if an EC2 instance has been involved in RDP brute force attacks based on VPC flow logs.
D.Verify trusted IP lists for secure communication within AWS infrastructure so that findings based on these IP addresses are not reported.

Correct Answer: A
Option A is CORRECT because, in Amazon Inspector, users can include the Common Vulnerabilities and Exposures package in an assessment template:
Option B is incorrect because this belongs to an EC2 finding type in GuardDuty. Please check for details. 
Option C is incorrect because “VPC Flow Logs” is one of the data sources that GuardDuty uses to evaluate the EC2 security status. This option belongs to the “UnauthorizedAccess:EC2/RDPBruteForce” finding type in GuardDuty.
Option D is incorrect because using GuardDuty, you can add trusted IP lists to stop alerts for these IPs, not with Amazon Inspector.
References:
https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_finding-types-ec2.html#cryptocurrency-ec2-bitcointoolb
https://docs.aws.amazon.com/inspector/latest/userguide/inspector_cves.html,
https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_finding-types-ec2.html