Describe the process of designing and implementing a playbook for a security incident involving unauthorized access to AWS resources. What specific AWS services and tools would you include in the playbook, and why?

Simulated

Use AWS CloudTrail for logging, AWS Config for compliance checks, and AWS Lambda for automated responses.

33.3%

Deploy Amazon GuardDuty to detect anomalies, Amazon Macie to identify sensitive data, and AWS Security Hub to manage the incident response.

66.7%

Manually review AWS CloudTrail logs, use Amazon S3 for data storage, and AWS IAM for access control.

0.0%

Block all network traffic using AWS Network Firewall, analyze logs with Amazon Elasticsearch, and use AWS Lambda for remediation scripts.

0.0%

AWS Certified Security - Specialty