ExpertMedium1 markMultiple Choice
AWS SAA-C03 · Question 10 · Domain 1.2: Secure Workloads
A company wants to improve its threat detection and response capabilities in AWS. They need a solution that continuously monitors for malicious activity, such as unauthorized access to EC2 instances, and another solution that identifies sensitive data stored in S3 buckets. Which TWO services should be used? (Select TWO.)
A company wants to improve its threat detection and response capabilities in AWS. They need a solution that continuously monitors for malicious activity, such as unauthorized access to EC2 instances, and another solution that identifies sensitive data stored in S3 buckets. Which TWO services should be used? (Select TWO.)
Answer options:
A.
Amazon GuardDuty
B.
AWS WAF
C.
AWS Shield
D.
Amazon Macie
E.
AWS Secrets Manager
How to approach this question
Match 'malicious activity monitoring' with GuardDuty and 'sensitive data in S3' with Macie.
Full Answer
A,D
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior. Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect sensitive data in AWS S3.
Common mistakes
Confusing GuardDuty with Inspector (vulnerability management) or Macie with GuardDuty.
Practice the full AWS SAA-C03 Practice Exam 1
65 questions · hints · full answers · grading
More questions from this exam
Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team wants...MediumQ02A solutions architect is designing an application that will run on Amazon EC2 instances. The appl...EasyQ03A company wants to implement a federated identity solution for its employees to access the AWS Ma...MediumQ04A mobile application needs to access Amazon DynamoDB directly to read user-specific data. The app...HardQ05A company is hosting a web application on Amazon EC2 instances. The application connects to an Am...Medium