ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A security administrator must ensure that 250 Windows-based Amazon EC2 file servers are continuously protected against viruses and other malicious code. The solution must provide real-time on-access scanning, automatically update signatures, and allow centralized policy management with minimal additional infrastructure or licensing costs. Which approach best meets these requirements?
Create a centralized network gateway with a third-party anti-virus virtual appliance that inspects all inbound and outbound traffic.
Enable Amazon GuardDuty malware protection and rely on its EBS volume scans when suspicious activity is detected.
Schedule AWS Lambda functions to take nightly EBS snapshots and scan them with Amazon Inspector for malware.
Use AWS Systems Manager to deploy and manage Microsoft Defender Antivirus on all instances and rely on its automatic signature updates for real-time protection.
Installing the built-in Microsoft Defender Antivirus that ships with Windows Server provides real-time, on-access malware detection and removal. Signature updates are delivered automatically through Windows Update, and the service can be centrally configured and monitored at scale by using AWS Systems Manager capabilities such as State Manager and Run Command. This meets the policy's need for continuous protection, automated updates, and centralized administration without incurring extra licensing or introducing additional infrastructure.
Amazon GuardDuty malware protection only scans EBS snapshots triggered by GuardDuty findings and does not deliver continuous on-access protection or quarantine. Deploying a third-party virtual appliance gateway would not protect files already resident on the servers themselves. Periodic off-host scanning with Amazon Inspector or external tools lacks real-time detection and quarantine, leaving gaps between scans. Therefore, using the native Defender AV on each instance and managing it through Systems Manager is the most appropriate solution.
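The centralized check described above, as an added example (not part of the original practice question): a PowerShell health script that a State Manager association of the AWS-RunPowerShellScript document could run on every file server. The two-day signature threshold and the output strings are assumptions chosen for illustration.

```powershell
# Added example: Defender health check for Windows Server EC2 instances.
# A non-zero exit code marks the Run Command / State Manager invocation as failed,
# so non-compliant servers surface centrally in Systems Manager.
$MaxSignatureAgeDays = 2   # assumed policy threshold, not from the original page
$problems = @()

try {
    # Defender is an optional feature on Windows Server and can be absent
    # from a custom image.
    if (-not (Get-WindowsFeature -Name Windows-Defender).Installed) {
        Install-WindowsFeature -Name Windows-Defender | Out-Null
        Write-Output 'NON-COMPLIANT: Defender feature was missing and has been installed; recheck after restart.'
        exit 1
    }

    $status = Get-MpComputerStatus
    if (-not $status.AMServiceEnabled) { $problems += 'antimalware service not running' }
    if (-not $status.AntivirusEnabled) { $problems += 'antivirus engine disabled' }

    # Real-time (on-access) scanning: try to re-enable, then verify the result,
    # because policy or tamper protection can block the change.
    if (-not $status.RealTimeProtectionEnabled) {
        Set-MpPreference -DisableRealtimeMonitoring $false
        if (-not (Get-MpComputerStatus).RealTimeProtectionEnabled) {
            $problems += 'real-time protection is off'
        }
    }

    # Signature freshness: force an update when definitions are stale, then re-read.
    if ($status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        Update-MpSignature
        $status = Get-MpComputerStatus
        if ($status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
            $problems += "signatures are $($status.AntivirusSignatureAge) days old"
        }
    }
}
catch {
    $problems += "check failed: $($_.Exception.Message)"
}

if ($problems.Count -gt 0) {
    Write-Output ('NON-COMPLIANT: ' + ($problems -join '; '))
    exit 1
}
Write-Output "COMPLIANT: signature version $($status.AntivirusSignatureVersion)"
exit 0
```

Scheduling this script as an association gives a recurring compliance signal per instance, while Defender itself continues to provide the on-access scanning between runs.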
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices