
Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions


Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 56 discussion

A company is running multiple workloads on Amazon EC2 instances in public subnets. In a recent incident, an attacker exploited an application vulnerability on one of the EC2 instances to gain access to the instance. The company fixed the application and launched a replacement EC2 instance that contains the updated application.
The attacker used the compromised application to spread malware over the internet. The company became aware of the compromise through a notification from AWS. The company needs the ability to identify when an application that is deployed on an EC2 instance is spreading malware.
Which solution will meet this requirement with the LEAST operational effort?

  • A. Use Amazon GuardDuty to analyze traffic patterns by inspecting DNS requests and VPC flow logs.
  • B. Use Amazon GuardDuty to deploy AWS managed decoy systems that are equipped with the most recent malware signatures.
  • C. Set up a Gateway Load Balancer. Run an intrusion detection system (IDS) appliance from AWS Marketplace on Amazon EC2 for traffic inspection.
  • D. Configure Amazon Inspector to perform deep packet inspection of outgoing traffic.
Suggested Answer: C 🗳️

Comments

ITgeek
Highly Voted 1 year, 5 months ago
Selected Answer: A
The emphasis is on the efforts to stand up a solution; that is where GuardDuty can help in identifying.
upvoted 9 times
zaazanuna
Highly Voted 1 year, 6 months ago
A - correct. This solution involves using Amazon GuardDuty to monitor network traffic and analyze DNS requests and VPC flow logs for suspicious activity. This will allow the company to identify when an application is spreading malware by monitoring the network traffic patterns associated with the instance. GuardDuty is a fully managed threat detection service that continuously monitors for malicious activity and unauthorized behavior in your AWS accounts and workloads. It requires minimal setup and configuration and can be integrated with other AWS services for automated remediation. This solution requires the least operational effort compared to the other options
upvoted 9 times
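To illustrate the DNS and VPC flow log analysis discussed in the comment above, here is an added example (not part of the original thread and not AWS code) that filters GuardDuty findings down to those describing traffic leaving an EC2 instance. The finding records are constructed samples in the GetFindings response shape; the helper names and the severity threshold of 4.0 are assumptions.

```python
# Constructed sample findings shaped like the GuardDuty GetFindings response
# (boto3: guardduty.get_findings(...)["Findings"]), trimmed to the fields used.
# Instance ID, domain and IPs are made up.
def _finding(ftype, severity, action):
    return {"Type": ftype, "Severity": severity,
            "Resource": {"ResourceType": "Instance",
                         "InstanceDetails": {"InstanceId": "i-0123456789abcdef0"}},
            "Service": {"Action": action}}

def _conn(direction, ip):
    return {"ActionType": "NETWORK_CONNECTION",
            "NetworkConnectionAction": {"ConnectionDirection": direction,
                                        "RemoteIpDetails": {"IpAddressV4": ip}}}

SAMPLE_FINDINGS = [
    _finding("Recon:EC2/PortProbeUnprotectedPort", 2.0, _conn("INBOUND", "198.51.100.7")),
    _finding("Backdoor:EC2/Spambot", 5.0, _conn("OUTBOUND", "203.0.113.25")),
    _finding("Backdoor:EC2/C&CActivity.B!DNS", 8.0,
             {"ActionType": "DNS_REQUEST",
              "DnsRequestAction": {"Domain": "c2.example.net"}}),
]

# Which GuardDuty data source each action type is derived from.
SOURCES = {"DNS_REQUEST": "DNS logs", "NETWORK_CONNECTION": "VPC flow logs"}

def outbound_instance_findings(findings, min_severity=4.0):
    """Return EC2 findings about traffic leaving the instance, highest severity first."""
    hits = []
    for f in findings:
        if f["Resource"].get("ResourceType") != "Instance" or f["Severity"] < min_severity:
            continue
        action = f["Service"]["Action"]
        kind = action.get("ActionType")
        if kind == "DNS_REQUEST":
            remote = action["DnsRequestAction"]["Domain"]
        elif kind == "NETWORK_CONNECTION":
            conn = action["NetworkConnectionAction"]
            if conn.get("ConnectionDirection") != "OUTBOUND":
                continue  # inbound probes say nothing about what the instance sends
            remote = conn["RemoteIpDetails"]["IpAddressV4"]
        else:
            continue  # other action types (e.g. API calls) are out of scope here
        hits.append({"instance": f["Resource"]["InstanceDetails"]["InstanceId"],
                     "type": f["Type"], "source": SOURCES[kind],
                     "remote": remote, "severity": f["Severity"]})
    return sorted(hits, key=lambda h: h["severity"], reverse=True)

if __name__ == "__main__":
    for hit in outbound_instance_findings(SAMPLE_FINDINGS):
        print(hit)
```

GuardDuty's DNS-based findings cover only queries sent through the Amazon-provided VPC resolver, so instances pointed at a third-party resolver produce flow-log findings only.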
Raphaello
Most Recent 5 months, 1 week ago
Selected Answer: A
GuardDuty is AWS intelligent threat detection, which I think is the answer to the ask in this scenario. However, option C (GWLB + IDS) is not entirely wrong, apart from the "operational effort" part.
upvoted 1 times
patanjali
6 months, 2 weeks ago
Selected Answer: A
LEAST operational effort is only using GuardDuty. The GWLB option is another way to do this too, but that involves lots of operational overhead and lots of config/routing changes.
upvoted 1 times
marfee
7 months, 2 weeks ago
I think that the correct answer is A.
upvoted 1 times
JoseCC
1 year, 1 month ago
A - correct https://aws.amazon.com/blogs/aws/new-for-amazon-guardduty-malware-detection-for-amazon-ebs-volumes/
upvoted 1 times
Mishranihal737
1 year, 1 month ago
Yes correct answer is A
upvoted 1 times
silviahdz
1 year, 5 months ago
Selected Answer: A
A is the right choice as it requires less effort.
upvoted 2 times
dremm
1 year, 5 months ago
Selected Answer: C
C is correct. Although GuardDuty can detect malware-infected machines, it cannot prevent spreading. This option requires Malware Protection to be enabled on GuardDuty, which is not mentioned in the answers. DNS queries and VPC flow logs will not help in detecting malware spread. C is the most logical answer here.
upvoted 2 times
that1guy
1 year, 5 months ago
> "Although GuardDuty can detect malware infected machines, it cannot prevent spreading." This isn't a requirement from the question: "The company needs the ability to *identify* when an application that is deployed on an EC2 instance is spreading malware."
upvoted 5 times
dremm
1 year, 5 months ago
You are right, switching to A)
upvoted 2 times
helloworldabc
1 year, 6 months ago
AAAAAAAAAAAA
upvoted 3 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted