ExpertEasy1 markMultiple Choice
AWS SAA-C03 · Question 10 · Domain 1.2: Secure Workloads
A company wants to continuously monitor its AWS accounts for malicious activity and unauthorized behavior, such as unusual API calls or compromised EC2 instances communicating with known command-and-control servers. Which service should be enabled?
A company wants to continuously monitor its AWS accounts for malicious activity and unauthorized behavior, such as unusual API calls or compromised EC2 instances communicating with known command-and-control servers. Which service should be enabled?
Answer options:
A.
AWS CloudTrail
B.
Amazon Macie
C.
Amazon GuardDuty
D.
AWS Config
How to approach this question
Look for 'malicious activity', 'unauthorized behavior', and 'command-and-control'. These are key indicators for GuardDuty.
Full Answer
C.Amazon GuardDuty✓ Correct
Amazon GuardDuty
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads.
Common mistakes
Choosing CloudTrail. While CloudTrail provides the logs, GuardDuty provides the actual threat detection analysis.
Practice the full AWS SAA-C03 Practice Exam 7
65 questions · hints · full answers · grading
More questions from this exam
Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team needs...MediumQ02An application runs on Amazon EC2 instances and needs to access an Amazon S3 bucket. What is the ...EasyQ03A company wants to implement federated access to the AWS Management Console for its employees usi...MediumQ04A company is building a mobile application that requires users to sign in using their social medi...EasyQ05A security team wants to enforce MFA for all IAM users before they can terminate EC2 instances. H...Medium