In a scenario where a company's AWS account, which hosts a production application, receives an email notification about an Amazon GuardDuty finding indicating anomalous behavior by an IAM user (Impact:IAMUser/AnomalousBehavior), a security engineer is tasked with investigating this security incident. The investigation must be conducted without causing any disruption to the production application. Which of the following solutions would be the most efficient in terms of time to fulfill these investigation requirements? | AWS Certified Security - Specialty Quiz