A company runs its product in an Auto Scaling group behind a Network Load Balancer and stores objects in an Amazon S3 bucket. After recent malicious attacks, the company needs continuous monitoring for malicious activity across the AWS account, workloads, and access patterns to the S3 bucket, with suspicious activity reported and shown on a dashboard. Which solution meets these requirements?
Choose an answer
Tap an option to check your answer.
Correct answer: Configure Amazon GuardDuty to monitor and report findings to AWS Security Hub..
Why this is the answer
Amazon GuardDuty is the correct choice because it provides continuous monitoring for malicious activity and unauthorized behavior across AWS accounts, including workloads (EC2 instances, which are part of an Auto Scaling group) and S3 bucket access patterns. GuardDuty uses machine learning, anomaly detection, and threat intelligence to identify threats. Integrating GuardDuty with AWS Security Hub centralizes all security findings into a single dashboard for easy monitoring and reporting. Amazon Macie focuses on data security and privacy for S3, not general malicious activity across the account or workloads. Amazon Inspector assesses for vulnerabilities in EC2 instances and container images, not malicious activity detection. AWS Config monitors resource configurations and changes, not security threats or malicious access patterns.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed