A Start-up firm has installed Amazon Inspector on Amazon EC2 Instance for assessing vulnerabilities.
The security team would like to have notifications about assessment run states and findings.
The Security Team has created a separate SNS topic to receive these notifications. Which of the following can be used to add SNS topic configuration with AWS Inspector?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: D.
Assessment templates with Amazon Inspector can be used to include SNS topics to which notifications about assessment run states and findings can be sent.
Option A is incorrect as SNS topics should be added in the Assessment template and not in the Assessment run.
Option B is incorrect as SNS topics should be added in the Assessment template and not in the Assessment target.
Option C is incorrect as SNS topics should be added in the Assessment template and not in the Assessment Package.
For more information on concepts with Amazon Inspector, refer to the following URL,
https://docs.aws.amazon.com/inspector/latest/userguide/inspector_concepts.htmlThe correct answer is A. Assessment run.
Amazon Inspector is a security assessment service that helps improve the security and compliance of applications deployed on AWS. It assesses applications for vulnerabilities, deviations from best practices, and insecure configurations. When an assessment run is launched, it inspects the instances included in the assessment target and generates findings.
To add SNS topic configuration with AWS Inspector, you can configure an Amazon SNS topic to receive notifications about assessment run states and findings. The Security Team has already created a separate SNS topic to receive these notifications.
To add the SNS topic configuration, you need to perform the following steps:
Open the Amazon Inspector console.
Choose the assessment run for which you want to add the SNS topic configuration.
Choose the "Actions" button and then choose "Edit SNS Topic."
In the "Edit SNS Topic" dialog box, enter the Amazon Resource Name (ARN) of the SNS topic that the Security Team has created.
Choose "Save" to save the SNS topic configuration.
After the SNS topic configuration is saved, the Security Team will receive notifications about the assessment run states and findings.
Assessment target, assessment package, and assessment template are not relevant options to add SNS topic configuration with AWS Inspector. The assessment target specifies the AWS resources that are assessed by Inspector, the assessment package defines the rules packages to be used during assessment, and the assessment template is a pre-configured set of assessment templates.