AWS Certified Cloud Practitioner — Question 348
A company wants to continuously monitor its AWS accounts and workloads for malicious activity. The company also wants to receive detailed security findings for visibility and remediation.
Which AWS service should the company use to meet these requirements?
Answer options
- A. Amazon GuardDuty
- B. AWS Shield
- C. AWS WAP
- D. AWS CloudTrail
Correct answer: A
Explanation
Amazon GuardDuty is an intelligent threat detection service that continuously monitors AWS accounts, workloads, and data for malicious activity, delivering highly detailed security findings for remediation. AWS Shield is designed specifically for DDoS protection, and AWS CloudTrail tracks and logs user activity and API calls rather than analyzing threats. AWS WAP (WAF) protects web applications from common web exploits but does not provide account-wide threat detection.