
Answer-first summary for fast verification
Answer: Use Detective to correlate logs and visualize the attack path, then manually identify the root cause.
Amazon Detective simplifies the analysis and investigation of security issues by automatically collecting and processing logs from various AWS services. It correlates this data into a unified view and visualizes the paths attackers may have used, which makes the root cause easier to identify than with traditional, more time-consuming log analysis methods.
Author: LeetQuiz Editorial Team
Your company has experienced a security breach involving multiple compromised resources. How would you use Amazon Detective to conduct a root cause analysis? Describe the steps and the benefits of using Detective over traditional log analysis methods.
A. Import logs into Detective and manually analyze the data for anomalies.
B. Configure Detective to automatically analyze AWS resources and identify the root cause.
C. Use Detective to correlate logs and visualize the attack path, then manually identify the root cause.
D. Manually review CloudTrail logs and correlate them with VPC Flow Logs to identify the root cause.