Amendment required for Practice Exam 20

[rebeus]

I have an issue with this question:

10. According to the AWS Well-Architected Framework, what change management steps should be taken to achieve reliability in the AWS Cloud? (Choose two.)
 A. Use AWS Config to generate an inventory of AWS resources
 B. Use service limits to prevent users from creating or making changes to AWS resources
 C. Use AWS CloudTrail to record AWS API calls into an auditable log file
 D. Use AWS Certificate Manager to whitelist approved AWS resources and services
 E. Use Amazon GuardDuty to validate configuration changes made to AWS resources  

  Correct Answer: DE

Can someone explain why it is D & E? Shouldn't it be A and C instead? Because those feel more like reliability instead of security. I searched for this question online and elsewhere it mentioned AWS Config and AWS Cloud Trail

28. A web application is hosted on AWS using an Elastic Load Balancer, multiple Amazon EC2 instances, and Amazon RDS. <br/> Which security measures fall under the responsibility of AWS? (Choose two.)
    - A. Running a virus scan on EC2 instances
    - B. Protecting against IP spoofing and packet sniffing
    - C. Installing the latest security patches on the RDS instance
    - D. Encrypting communication between the EC2 instances and the Elastic Load Balancer
    - E. Configuring a security group and a network access control list (NACL) for EC2

    <details markdown=1><summary markdown="span">Answer</summary>

    Correct Answer: CD

    </details>

It should be Correct Answer: BC as that falls under the remit of AWS. D isn't correct because encrypting communication between EC2 Instances and ELB requires customer to apply certificates and also to configure the instances and ELB for encryption.

[rebeus]

@kananinirav - please review these issues as fixes will benefit everyone.

[kananinirav]

@rebeus Thanks 🙇 🙏

Fixed: https://github.com/kananinirav/AWS-Certified-Cloud-Practitioner-Notes/commit/eaf3aeef480f177faafc16cc67763c1222023189