A company is using Amazon GuardDuty in its AWS environment. The company asks a security engineer to suspend GuardDuty. Which combination of steps must the security engineer perform to meet this requirement? (Choose two.)
A.
Disable all optional data sources from all detectors in all regions.
AB is correct. From AWS documentation,
You can use the GuardDuty console to suspend or disable GuardDuty. You are not charged for using GuardDuty when the service is suspended.
All optional data sources must be disabled from all detectors in all regions before you can disable or suspend GuardDuty.
All member accounts must be disassociated or deleted before you can disable or suspend GuardDuty.
I take back my answer.
Answer is .... A & B
If you suspend GuardDuty, your existing findings remain intact and are not affected by the GuardDuty suspension.
https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_suspend-disable.html
AB are the correct answers.
Need to disassociate member accounts, and disable optional data sources.
https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_suspend-disable.html
To suspend Amazon GuardDuty, you need to perform the following steps:
Disassociate or Delete Member Accounts:
If you have set up GuardDuty member accounts, you should disassociate or delete those member accounts. This will ensure that GuardDuty is not actively monitoring those accounts.
Disable Associated Monitoring Services:
GuardDuty might be integrated with various monitoring services, such as CloudTrail, VPC Flow Logs, and DNS logs. To suspend GuardDuty, you need to disable these associated monitoring services.
Please NOTE:
If you disable GuardDuty, your existing findings and the GuardDuty configuration are lost and can't be recovered. If you want to save your existing findings, you must export them before you disable GuardDuty.
A & B
All optional data sources must be disabled from all detectors in all regions before you can disable or suspend GuardDuty.
All member accounts must be disassociated or deleted before you can disable or suspend GuardDuty.
https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_suspend-disable.html
All optional data sources must be disabled from all detectors in all regions before you can disable or suspend GuardDuty.
All member accounts must be disassociated or deleted before you can disable or suspend GuardDuty.
A and B
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
network_zeal
Highly Voted 3 years, 3 months agobabaseun
Highly Voted 3 years, 3 months agoRaphaello
Most Recent 1 year, 1 month agoNoexperience
1 year, 8 months agoG4Exams
2 years agoD2
2 years, 4 months agoPrathamesh2589
2 years, 7 months agogofavad926
2 years, 9 months agobinisho123
3 years, 1 month agolotfi50
3 years, 2 months agoWaniru
3 years, 3 months agoargol
3 years, 3 months agoroger8978
3 years, 3 months agobabaseun
3 years, 3 months ago