AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which AWS service monitors AWS accounts for security threats?
Real Exam
Community
RRitesh
A
Amazon GuardDuty
B
AWS Secrets Manager
C
Amazon Cognito
D
AWS Certificate Manager (ACM)
Explanation:
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. It uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats.
Key features of Amazon GuardDuty:
-
Monitors AWS CloudTrail event logs for suspicious API activity
-
Analyzes VPC Flow Logs for unusual network traffic patterns
-
Examines DNS logs for potentially malicious activity
-
Provides security findings with severity levels and remediation steps
-
Integrates with AWS Security Hub and Amazon EventBridge
Other options explained:
-
AWS Secrets Manager: Used for managing and rotating secrets, not for security monitoring
-
Amazon Cognito: Provides user authentication and access control, not threat detection
-
AWS Certificate Manager (ACM): Manages SSL/TLS certificates, not security monitoring
Comments
Loading comments...