Skip to Content

Amazon CLF-C02: Which AWS service monitor for misconfigured security groups allow unrestricted access to specific ports?

By: Author Alex Lim

Posted on  - Last updated:

Categories Exam

Table of Contents

Question

A company wants to monitor for misconfigured security groups that are allowing unrestricted access to specific ports. Which AWS service will meet this requirement?

A. AWS Trusted Advisor
B. Amazon CloudWatch
C. Amazon Guard Duty
D. AWS Health Dashboard

Answer

The AWS service that will meet the requirement of monitoring for misconfigured security groups that are allowing unrestricted access to specific ports is AWS Trusted Advisor (Option A).

Explanation

Let’s evaluate each option to determine the most suitable service:

  • A. AWS Trusted Advisor: AWS Trusted Advisor provides real-time guidance to help optimize AWS resources, improve security, and maximize performance. It includes a Security category that can identify security group configurations that allow unrestricted access to specific ports. It offers recommendations and alerts to help remediate misconfigurations and ensure proper security practices.
  • B. Amazon CloudWatch: Amazon CloudWatch is a monitoring and observability service for AWS resources. While it can monitor various metrics and logs, it does not specifically focus on identifying misconfigured security groups.
  • C. Amazon GuardDuty: Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior within your AWS environment. While it helps detect potential security issues, it does not specifically focus on identifying misconfigured security groups.
  • D. AWS Health Dashboard: The AWS Health Dashboard provides information about the status of AWS services and any potential disruptions. It is not specifically designed for monitoring misconfigured security groups.

In summary, based on the requirement of monitoring for misconfigured security groups that allow unrestricted access to specific ports, the most appropriate AWS service is AWS Trusted Advisor (Option A). It offers real-time guidance and recommendations to identify and remediate such misconfigurations, helping to ensure proper security practices within your AWS environment.

Which AWS service monitor for misconfigured security groups allow unrestricted access to specific ports?

Amazon AWS Certified Cloud Practitioner CLF-C02 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Amazon AWS Certified Cloud Practitioner CLF-C02 exam and earn Amazon AWS Certified Cloud Practitioner CLF-C02 certification.