Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 40 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 40
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company recently had a security audit in which the auditors identified multiple potential threats. These potential threats can cause usage pattern changes such as DNS access peak, abnormal instance traffic, abnormal network interface traffic, and unusual Amazon S3 API calls. The threats can come from different sources and can occur at any time. The company needs to implement a solution to continuously monitor its system and identify all these incoming threats in near-real time.
Which solution will meet these requirements?

  • A. Enable AWS CloudTrail logs, VPC flow logs, and DNS logs. Use Amazon CloudWatch Logs to manage these logs from a centralized account.
  • B. Enable AWS CloudTrail logs, VPC flow logs, and DNS logs. Use Amazon Macie to monitor these logs from a centralized account.
  • C. Enable Amazon GuardDuty from a centralized account. Use GuardDuty to manage AWS CloudTrail logs, VPC flow logs, and DNS logs.
  • D. Enable Amazon Inspector from a centralized account. Use Amazon Inspector to manage AWS CloudTrail logs, VPC flow logs, and DNS logs.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by 100fold at Oct. 19, 2023, 6:42 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
100fold
Highly Voted 11 months, 3 weeks ago
Selected Answer: C
Answer C
upvoted 6 times
...
jd_aws
Most Recent 1 month ago
Amazon GuardDuty is a fully managed threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and unauthorized behavior. It uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats. Near-Real-Time Monitoring: GuardDuty is designed to analyze data sources like AWS CloudTrail logs, VPC flow logs, and DNS logs in near-real-time. It can detect unusual patterns such as DNS access peaks, abnormal instance traffic, abnormal network interface traffic, and unusual Amazon S3 API calls, which align with the threats identified during the security audit. Answer : C
upvoted 2 times
...
Raphaello
8 months ago
Selected Answer: C
GuardDuty (C)
upvoted 1 times
...
smanzana
8 months, 2 weeks ago
C- near-real time -> GuardDuty
upvoted 1 times
...
Daniel76
10 months, 1 week ago
Selected Answer: C
Guardduty draw data sources from: AWS CloudTrail logs, VPC flow logs, and DNS logs https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_data-sources.html Only GuardDuty detects abnormal and unusual activities among all choices.
upvoted 4 times
...
Aamee
10 months, 1 week ago
Selected Answer: C
Monitoring threats, abnormal traffic etc always leads towards GuardDuty.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel