A security engineer at a company is tasked with creating an incident response plan to detect and respond to suspicious activities within VPC-hosted resources across multiple AWS Regions. To achieve this effectively and cost-efficiently, which two actions should the engineer implement?

Exam-Like

Turn on VPC Flow Logs for all VPCs in the account.

8.3%

Activate Amazon GuardDuty across all AWS Regions.

37.5%

Activate Amazon Detective across all AWS Regions.

0.0%

Create an Amazon Simple Notification Service (Amazon SNS) topic and an Amazon EventBridge rule that publishes findings to the SNS topic.

41.7%

Create an AWS Lambda function and an Amazon EventBridge rule that invokes the Lambda function to send findings via Amazon Simple Email Service (Amazon SES).

12.5%

AWS Certified Security - Specialty

Get started today

Comments

A security engineer at a company is tasked with creating an incident response plan to detect and respond to suspicious activities within VPC-hosted resources across multiple AWS Regions. To achieve this effectively and cost-efficiently, which two actions should the engineer implement?