AWS Certified Cloud Practitioner — Question 117

Which AWS service provides threat detection by monitoring for malicious activities and unauthorized actions to protect AWS accounts, workloads, and data that is stored in Amazon S3?

Answer options

• A. AWS Shield
• B. AWS Firewall Manager
• C. Amazon GuardDuty
• D. Amazon Inspector

Correct answer: C

Explanation

Amazon GuardDuty is the correct answer as it specifically provides threat detection by analyzing events and activities within AWS accounts to identify malicious behavior. AWS Shield is focused on DDoS protection, AWS Firewall Manager manages firewall policies, and Amazon Inspector assesses application vulnerabilities, making them unsuitable for the specific task of threat detection.