You are responsible for conducting a root cause analysis of a security incident in your organization's AWS environment. Describe the steps you would take to analyze the incident and identify the underlying cause.

Simulated

Review AWS CloudTrail logs to identify any unauthorized API calls or changes to the AWS environment.

25.0%

Analyze Amazon VPC Flow Logs to identify any unusual network traffic or communication patterns.

0.0%

Use AWS Security Hub to aggregate and analyze data from various AWS services to identify potential security issues.

25.0%

Leverage AWS Detective to create a graph of the relationships between AWS resources and analyze the data to identify the root cause of the incident.

50.0%

AWS Certified Security - Specialty