ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization runs about 200 Amazon EC2 instances spread across several AWS accounts. Security must automatically maintain a single view of all operating-system and application packages installed on every instance, track license utilization and expiration, and receive notifications if any unapproved software appears. The team wants to minimize ongoing administrative overhead. Which AWS solution best meets these requirements?
Publish approved Amazon Machine Images (AMIs) through AWS Service Catalog and configure Amazon GuardDuty to alert on any unapproved software discovered.
Install Amazon Inspector on every instance and rely on AWS Trusted Advisor checks to monitor license usage and unauthorized software.
Enable AWS Systems Manager Inventory across all instances, integrate the data with AWS License Manager, and use AWS Config managed rules to flag unapproved software.
Turn on AWS CloudTrail for all accounts and use Amazon Macie to analyze logs for software installation and licensing events.
AWS Systems Manager Inventory can be enabled with a single click or by State Manager across all managed instances, automatically collecting detailed metadata about installed OS and application packages and sending it to a central S3 bucket and AWS Config. AWS License Manager integrates with Systems Manager inventory data, letting the organization define licensing rules, detect over-usage, and set alarms on approaching expirations. AWS Config rules can compare collected inventory against an approved software list to flag unauthorized packages. Amazon Inspector focuses on vulnerabilities, not license tracking; Trusted Advisor offers high-level checks but does not enumerate installed software; CloudTrail and Macie do not gather package or license data; Service Catalog and GuardDuty cannot discover or track software inventory or licenses. Therefore, combining Systems Manager Inventory with License Manager (and optional Config rules for compliance) best satisfies all stated objectives with minimal maintenance.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How does AWS Systems Manager Inventory track software packages?
Open an interactive chat with Bash
What is AWS License Manager and how does it integrate with Systems Manager Inventory?
Open an interactive chat with Bash
What are AWS Config managed rules and how do they flag unapproved software?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .