AWS Certified Cloud Practitioner (CLF-C02) — Question 481
A company needs a threat detection service that will continuously monitor its AWS accounts, workloads, and Amazon S3 buckets for malicious activity and unauthorized behavior.
Which AWS service meets these requirements?
Answer options
- A. AWS Shield
- B. AWS Firewall Manager
- C. Amazon GuardDuty
- D. Amazon Inspector
Correct answer: C
Explanation
Amazon GuardDuty is a continuous security monitoring service that analyzes AWS CloudTrail, VPC Flow Logs, and DNS logs to detect threats like malicious activity and unauthorized behavior. AWS Shield is designed for DDoS protection, AWS Firewall Manager simplifies administration of firewall rules across accounts, and Amazon Inspector is used for automated security assessments of applications and EC2 instances rather than continuous account-wide threat detection.