Phanikumar M
from Logging and monitoring section of this course…. AWS Config and AWS Trusted Adviser both are reporting on security group ports open to the world ex: 0.0.0.0/0 if we have a question to pick one option which one would be correct ?
Certified Security - Specialty
Sign Up Free or Log In to participate!
AWS Config and AWS Trusted Adviser
https://www.reddit.com/r/aws/comments/a33hnr/whats_the_key_difference_between_aws_trusted/
I wouldn’t really rely on random answers I find in internet. The person with the "best answer" states the aws config doesn’t care what’s happening inside an EC2. This false per the following clause in FAQ. “Q: Does AWS Config record configuration changes to software within EC2 instances? Yes. AWS Config enables you to record configuration changes to software within EC2 instances in your AWS account and also virtual machines (VMs), or servers in your on-premises environment. The configuration information recorded by AWS Config includes Operating System updates, network configuration, installed applications, etc. You can evaluate whether your instances, VMs, and servers are in compliance with your guidelines using AWS Config Rules. The deep visibility and continuous monitoring capabilities provided by AWS Config allow you to assess compliance and troubleshoot operational issues.” Overall, I think AWS would give you something subtle to distinguish the best answer. I would use the common sense and hope for the best!