Inspector Flashcards
Inspector
What is Inspector?
important
Check EC2 instances and containers for vulnerabilities and bad practices
Inspector
What’s the mental picture for understanding Inspector?
Military barrack inspection by sergeant: no brains/ML, just check against checklists
run once, get a report
Inspector
How do you use it?
Run it for a while, collect the report.
Inspector
How do you install the agent?
important
Actually not required, but more enriched data if you do.
Inspector
What does Inspector do if an agent isn’t on the box?
important
Just a network assessment (from the outside)
Inspector
What extra data can the agent provide to Inspector?
important
Things withing the operating system itself
Inspector
What are examples of what’s in the report?
CVEs found, reachability, Center for Internet Security (CIS) benchmarks
Inspector
What is “reachability”?
Looks at ALB, DX, ENIs, IGW, ACLs, SGs, Peering and more: how can this be reached?
Inspector
What is in the reachability report?
Open ports: well-known ports, unusual ports, if anything is listening on them from OS
Inspector
What are examples of Packages that Inspector agent can run?
important
CVE (vulnerabilities), CIS (best practices), general security best practices
Inspector
Example of 2 general security best practices?
Disbale root login over ssh, certain folder and file permissions
Inspector
Something on the exam is talking about CVEs or CIS benchmarks?
important
Inspector