An ecommerce company runs applications across AWS accounts in an AWS Organization. The applications use Amazon Aurora PostgreSQL databases in all accounts. The company must detect malicious activity by identifying abnormal failed and incomplete login attempts to the databases with the MOST operational efficiency. Which solution meets this requirement?
Choose an answer
Tap an option to check your answer.
Correct answer: Enable the Amazon RDS Protection feature in Amazon GuardDuty for the member accounts of the organization..
Why this is the answer
Enabling Amazon RDS Protection in GuardDuty for member accounts is the most operationally efficient solution. GuardDuty is a managed threat detection service that automatically monitors for malicious activity and unauthorized behavior, including abnormal login attempts to Aurora databases. It integrates directly with AWS Organizations, allowing centralized management and detection across all accounts without manual log analysis. Incorrect options: SCPs control permissions but do not detect or alert on malicious activity or failed login attempts. Publishing general logs to CloudWatch and S3 requires manual setup of alarms and analysis, which is less operationally efficient than GuardDuty's automated detection. CloudTrail records API calls and management events, not individual database login attempts. While it can show some database-related actions, it won't provide the detailed login attempt data needed for this specific requirement.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed