AWS Certified Security – Specialty (SCS-C03) — Question 27

A company runs workloads in an AWS account. A security engineer observes some unusual findings in Amazon GuardDuty. The security engineer wants to investigate a specific IAM role and generate an investigation report. The report must contain details about anomalous behavior and any indicators of compromise.
Which solution will meet these requirements?

Answer options

• A. Use Amazon Detective to perform an investigation on the IAM role.
• B. Use AWS Audit Manager to create an assessment. Specify the IAM role Run an assessment report.
• C. Use Amazon Inspector to create an assessment. Specify the IAM role. Run an assessment report.
• D. Use Amazon Inspector to run an on-demand scan of the IAM role.

Correct answer: A

Explanation

The correct answer is A, as Amazon Detective is specifically designed for investigating security issues and analyzing IAM roles for anomalous behavior. Options B and C focus on assessments that do not provide the in-depth investigation needed for the IAM role's behavior, while option D only performs a scan without the comprehensive analysis required for reporting.