Topic 1 Question 289
A security engineer needs to implement a solution to determine whether a company’s Amazon EC2 instances are being used to mine cryptocurrency. The solution must provide notifications of cryptocurrency-related activity to an Amazon Simple Notification Service (Amazon SNS) topic.
Which solution will meet these requirements?
Create AWS Config custom rules by using Guard custom policy. Configure the AWS Config rules to detect when an EC2 instance queries a DNS domain name that is associated with cryptocurrency-related activity. Configure AWS Config to initiate alerts to the SNS topic.
Enable Amazon GuardDuty. Create an Amazon EventBridge rule to send alerts to the SNS topic when GuardDuty creates a finding that is associated with cryptocurrency-related activity.
Enable Amazon Inspector. Create an Amazon EventBridge rule to send alerts to the SNS topic when Amazon Inspector creates a finding that is associated with cryRtocurrency-related activity.
Enable VPC flow logs. Send the flow logs to an Amazon S3 bucket. Set up a query in Amazon Athena to detect when an EC2 instance queries a DNS domain name that is associated with cryptocurrency-related activity. Configure the Athena query to initiate alerts to the SNS topic.
ユーザの投票
コメント(1)
- 正解だと思う選択肢: B
Amazon GuardDuty is the best solution for detecting cryptocurrency mining on EC2 instances. It provides:
Threat Detection for Cryptocurrency Mining ✅
GuardDuty has built-in detection for malicious activities, including crypto-mining behavior. It analyzes VPC Flow Logs, DNS logs, and CloudTrail logs to detect suspicious activity. Automated Alerts via EventBridge & SNS ✅
GuardDuty findings are automatically sent to Amazon EventBridge. EventBridge rules can trigger an SNS notification whenever GuardDuty detects cryptocurrency mining activity.
👍 1AWSLoverLoverLoverLoverLover2025/02/20
シャッフルモード