
Imagine you are part of an incident response team dealing with a potential data leak from an AWS S3 bucket. How would you use AWS CloudTrail and Amazon GuardDuty to investigate the incident and what steps would you take to prevent future leaks? Describe the process from detection to prevention.
A. Use only AWS CloudTrail for basic logging without detailed investigation.
B. Leverage both AWS CloudTrail for event history and Amazon GuardDuty for threat detection to investigate the incident and implement preventive measures such as bucket policies and access controls.
C. Ignore Amazon GuardDuty and rely solely on AWS CloudTrail.
D. Assume no leak occurred without investigation.