Your organization has recently experienced a series of security incidents, and you suspect that an attacker may have gained unauthorized access to your AWS environment. You have been tasked with using AWS services to detect and analyze these security threats. Which of the following steps should you take to effectively evaluate the findings from security services such as GuardDuty, Security Hub, and Macie?

Simulated

Enable logging for all AWS services and review the logs manually to identify any suspicious activity.

0.0%

Use AWS Config to track changes to your AWS resources and correlate them with findings from GuardDuty and Security Hub.

60.0%

Disable all AWS services to prevent further unauthorized access and then perform a full audit of your environment.

20.0%

Ignore the findings from security services and rely solely on your internal security team to identify and mitigate any threats.

20.0%

AWS Certified Security - Specialty