Inspector

Question 1

Inspector

What is Inspector?

important

Answer 1

Check EC2 instances and containers for vulnerabilities and bad practices

Question 2

Inspector

What’s the mental picture for understanding Inspector?

Answer 2

Military barrack inspection by sergeant: no brains/ML, just check against checklists

run once, get a report

Question 3

Inspector

How do you use it?

Answer 3

Run it for a while, collect the report.

Question 4

Inspector

How do you install the agent?

important

Answer 4

Actually not required, but more enriched data if you do.

Question 5

Inspector

What does Inspector do if an agent isn’t on the box?

important

Answer 5

Just a network assessment (from the outside)

Question 6

Inspector

What extra data can the agent provide to Inspector?

important

Answer 6

Things withing the operating system itself

Question 7

Inspector

What are examples of what’s in the report?

Answer 7

CVEs found, reachability, Center for Internet Security (CIS) benchmarks

Question 8

Inspector

What is “reachability”?

Answer 8

Looks at ALB, DX, ENIs, IGW, ACLs, SGs, Peering and more: how can this be reached?

Question 9

Inspector

What is in the reachability report?

Answer 9

Open ports: well-known ports, unusual ports, if anything is listening on them from OS

Question 10

Inspector

What are examples of Packages that Inspector agent can run?

important

Answer 10

CVE (vulnerabilities), CIS (best practices), general security best practices

Question 11

Inspector

Example of 2 general security best practices?

Answer 11

Disbale root login over ssh, certain folder and file permissions

Question 12

Inspector

Something on the exam is talking about CVEs or CIS benchmarks?

important

Answer 12

Inspector