Examtopics

コメント(12)

• 正解だと思う選択肢: BD

  BD are the correct options here. The keywords here are "developing an incident response plan to detect suspicious activity". There is no better way to develop incident response plan without providing a way for the relevant stakeholders to take actions or respond to suspicious activities.

  B is an obvious option because GuardDuty can monitor and analyze API calls across all AWS Regions, and network activities found in Amazon CloudTrail Events, Amazon VPC Flow Logs, and DNS Logs. Therefore, option A is not needed since GuardDuty monitoring activities include the VPC Flow Logs.

  There is no better way to respond to the findings generated by GuardDuty than the services described in option D.

  👍 9

  AgboolaKun2023/11/27
• 正解だと思う選択肢: AB

  A and B are correct for sure. The question does not mention anything about "notifications" or "communications", so D is incorrect. A is correct because the question mentions visibility and detection. You get visibility into network traffic with VPC flow logs. B is correct because because we need to "detection" threats. GaurdDuty is a threat detection capability.

  👍 5

  navid13652024/05/16
• 正解だと思う選択肢: BD

  GuardDuty analyzes VPC flow logs regardless of if you have turned them on or not

  👍 3

  lightrod2024/02/08