AWS Certified Cloud Practitioner

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Use Amazon GuardDuty to monitor CloudWatch logs.

**Amazon GuardDuty** is a managed threat detection service that continuously monitors for malicious activity, unusual API calls, and unauthorized behavior to protect your AWS accounts and workloads. Although GuardDuty primarily analyzes foundational data sources like AWS CloudTrail management event logs, Amazon VPC Flow Logs, and DNS logs (rather than directly acting as a generic CloudWatch Logs monitor), it is the specific AWS service designed to automatically detect unusual API activity and security events across an AWS environment.

Author: Ritesh Yadav

Quick Answer

Answer-first summary for fast verification

Answer: Use Amazon GuardDuty to monitor CloudWatch logs.

Author: Ritesh Yadav

Comments (0)

No comments yet.

Question #72 A company runs a workload in an Amazon VPC. The company configures Amazon CloudWatch Logs for the workload. The company needs a solution to automatically detect unusual API activity and security events in the company's AWS account. Which solution will meet this requirement?

Real Exam

Community

RRitesh

Last updated: April 30, 2026 at 11:36

Use Amazon Inspector to scan VPC flow logs.

Use Amazon GuardDuty to monitor CloudWatch logs.

Implement AWS CloudTrail Insights.

Use AWS Config automatic anomaly detection.