AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company needs to continuously monitor its environment to analyze network and account activity and identify potential security threats. Which AWS service should the company use to meet these requirements?
Real Exam
Community
RRitesh
A
AWS Artifact
B
Amazon Macie
C
AWS Identity and Access Management (IAM)
D
Amazon GuardDuty
Explanation:
Explanation
Amazon GuardDuty is the correct answer because it is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. Here's why:
Key Features of Amazon GuardDuty:
-
Continuous Monitoring: Provides 24/7 monitoring of AWS accounts and workloads
-
Network Activity Analysis: Monitors VPC Flow Logs, DNS logs, and AWS CloudTrail event logs
-
Account Activity Analysis: Analyzes AWS CloudTrail management events for suspicious API calls
-
Threat Intelligence: Uses machine learning, anomaly detection, and integrated threat intelligence to identify threats
-
Security Threat Detection: Identifies compromised instances, reconnaissance activity, and instance credential exfiltration
Why Other Options Are Incorrect:
-
AWS Artifact: Provides on-demand access to AWS security and compliance reports, but does not monitor for security threats
-
Amazon Macie: Focuses on data security and privacy by discovering and protecting sensitive data, not general network and account monitoring
-
AWS Identity and Access Management (IAM): Manages access to AWS services and resources, but does not provide continuous monitoring or threat detection
GuardDuty's continuous monitoring capabilities make it the ideal service for analyzing network and account activity to identify potential security threats.
Comments
Loading comments...