Topic 1 Question 616
A company has deployed its newest product on AWS. The product runs in an Auto Scaling group behind a Network Load Balancer. The company stores the product’s objects in an Amazon S3 bucket.
The company recently experienced malicious attacks against its systems. The company needs a solution that continuously monitors for malicious activity in the AWS account, workloads, and access patterns to the S3 bucket. The solution must also report suspicious activity and display the information on a dashboard.
Which solution will meet these requirements?
Configure Amazon Macie to monitor and report findings to AWS Config.
Configure Amazon Inspector to monitor and report findings to AWS CloudTrail.
Configure Amazon GuardDuty to monitor and report findings to AWS Security Hub.
Configure AWS Config to monitor and report findings to Amazon EventBridge.
ユーザの投票
コメント(8)
- 正解だと思う選択肢: C
The key reasons are:
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior. It analyzes AWS CloudTrail, VPC Flow Logs, and DNS logs. GuardDuty can detect threats like instance or S3 bucket compromise, malicious IP addresses, or unusual API calls. Findings can be sent to AWS Security Hub which provides a centralized security dashboard and alerts. Amazon Macie and Amazon Inspector do not monitor the breadth of activity that GuardDuty does. They focus more on data security and application vulnerabilities respectively. AWS Config monitors for resource configuration changes, not malicious activity.
👍 9Guru4Cloud2023/09/23 Answer is C Since Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, Amazon Elastic Compute Cloud (EC2) workloads, container applications, Amazon Aurora databases, and data stored in Amazon Simple Storage Service (S3).
👍 2brownie232023/09/22- 正解だと思う選択肢: C
What Guard Duty is for.
👍 2taustin22023/09/22
シャッフルモード