
A company operates multiple workloads on Amazon EC2 instances within public subnets. During a recent incident, an attacker exploited a vulnerability in an application on one of the EC2 instances, gaining access to it. The company resolved the application issue and deployed a new EC2 instance with the updated application.
The attacker utilized the compromised application to distribute malware across the internet. The company was alerted to the compromise via a notification from AWS. The company now requires a solution to detect when an application running on an EC2 instance is distributing malware, with minimal operational effort.
Which solution best meets this requirement with the LEAST operational overhead?
A. Use Amazon GuardDuty to analyze traffic patterns by inspecting DNS requests and VPC flow logs.
B. Use Amazon GuardDuty to deploy AWS managed decoy systems that are equipped with the most recent malware signatures.
C. Set up a Gateway Load Balancer. Run an intrusion detection system (IDS) appliance from AWS Marketplace on Amazon EC2 for traffic inspection.
D. Configure Amazon Inspector to perform deep packet inspection of outgoing traffic.