Which solution will meet these requirements?
Use AWS Systems Manager to detect vulnerabilities on the EC2 instances. Install the Amazon Kinesis Agent to capture system logs and deliver them to Amazon S3.
Use AWS Systems Manager to detect vulnerabilities on the EC2 instances. Install the Systems Manager Agent to capture system logs and view login activity in the CloudTrail console.
Configure Amazon CloudWatch to detect vulnerabilities on the EC2 instances. Install the AWS Config daemon to capture system logs and view them in the AWS Config console.
Configure Amazon Inspector to detect vulnerabilities on the EC2 instances. Install the Amazon CloudWatch Agent to capture system logs and record them via Amazon CloudWatch Logs.
Explanations:
AWS Systems Manager does not detect vulnerabilities on EC2 instances. The Amazon Kinesis Agent is used for streaming data, not for capturing system logs related to login activity.
AWS Systems Manager does not detect vulnerabilities on EC2 instances. The Systems Manager Agent is used for managing EC2 instances, not for capturing login activities. Login activity should be tracked with CloudTrail.
Amazon CloudWatch does not detect vulnerabilities on EC2 instances. AWS Config tracks resource configuration, not system logs or login activities.
Amazon Inspector is specifically designed to detect vulnerabilities on EC2 instances. The Amazon CloudWatch Agent can be installed to capture system logs, and CloudWatch Logs can be used to record login activities. This option meets both requirements.
If I had to guess, I’d say the answer is:
Configure Amazon Inspector to detect vulnerabilities on the EC2 instances. Install the Amazon CloudWatch Agent to capture system logs and record them via Amazon CloudWatch Logs.