
A company has implemented Amazon GuardDuty across all AWS Regions to enhance its security monitoring. Within a specific VPC, they operate an Amazon EC2 instance functioning as an FTP server, which receives a high volume of connections from various locations hourly. GuardDuty interprets this as a brute force attack due to the frequency of connections. Despite the company marking this as a false positive, GuardDuty continues to report the issue. To refine the detection accuracy without reducing the awareness of potential threats, what measure should a security engineer take?
A. Disable the FTP rule in GuardDuty in the Region where the FTP server is deployed.
B. Add the FTP server to a trusted IP list. Deploy the list to GuardDuty to stop receiving the notifications.
C. Create a suppression rule in GuardDuty to filter findings by automatically archiving new findings that match the specified criteria.
D. Create an AWS Lambda function that has the appropriate permissions to delete the finding whenever a new occurrence is reported.