
Answer-first summary for fast verification
Answer: Enable Amazon GuardDuty from a centralized account. Use GuardDuty to manage AWS CloudTrail logs, VPC flow logs, and DNS logs.
The correct answer is C. Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. It directly uses AWS CloudTrail logs, VPC flow logs, and DNS logs to identify unusual or suspicious activities such as DNS access peaks, abnormal instance traffic, abnormal network interface traffic, and unusual Amazon S3 API calls. GuardDuty provides near-real-time findings and integrates seamlessly with AWS Security Hub, enabling continuous and comprehensive threat detection and response.
Author: LeetQuiz Editorial Team
A company requires a solution to continuously monitor its system for various threats, including DNS access peaks, abnormal instance traffic, abnormal network interface traffic, and unusual Amazon S3 API calls, in near-real time. Which solution is most appropriate for this task?
A. Enable AWS CloudTrail logs, VPC flow logs, and DNS logs. Use Amazon CloudWatch Logs to manage these logs from a centralized account.
B. Enable AWS CloudTrail logs, VPC flow logs, and DNS logs. Use Amazon Macie to monitor these logs from a centralized account.
C. Enable Amazon GuardDuty from a centralized account. Use GuardDuty to manage AWS CloudTrail logs, VPC flow logs, and DNS logs.
D. Enable Amazon Inspector from a centralized account. Use Amazon Inspector to manage AWS CloudTrail logs, VPC flow logs, and DNS logs.