Answer-first summary for fast verification
Answer: Leverage AWS Detective to create a graph of the relationships between AWS resources and analyze the data to identify the root cause of the incident.
Option D is the most comprehensive approach to conducting a root cause analysis of a security incident. AWS Detective can help you create a graph of the relationships between AWS resources, allowing you to analyze the data and identify potential security issues or compromised resources. While reviewing AWS CloudTrail logs (Option A) and analyzing Amazon VPC Flow Logs (Option B) can provide valuable information, AWS Detective offers a more holistic view of the incident and can help you identify the underlying cause more effectively.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are responsible for conducting a root cause analysis of a security incident in your organization's AWS environment. Describe the steps you would take to analyze the incident and identify the underlying cause.
A
Review AWS CloudTrail logs to identify any unauthorized API calls or changes to the AWS environment.
B
Analyze Amazon VPC Flow Logs to identify any unusual network traffic or communication patterns.
C
Use AWS Security Hub to aggregate and analyze data from various AWS services to identify potential security issues.
D
Leverage AWS Detective to create a graph of the relationships between AWS resources and analyze the data to identify the root cause of the incident.
No comments yet.