AWS Certified Security – Specialty — Question 182
A security engineer is designing an incident response plan to address the risk of a compromised Amazon EC2 instance. The plan must recommend a solution to meet the following requirements:
✑ A trusted forensic environment must be provisioned.
✑ Automated response processes must be orchestrated.
Which AWS services should be included in the plan? (Choose two.)
Answer options
- A. AWS CloudFormation
- B. Amazon GuardDuty
- C. Amazon Inspector
- D. Amazon Macie
- E. AWS Step Functions
Correct answer: A, E
Explanation
AWS CloudFormation is essential for provisioning a trusted forensic environment by automating resource creation, while AWS Step Functions enables orchestration of automated response processes through workflow management. The other options, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, provide security insights and data protection but do not directly address the needs for provisioning and orchestration required in this scenario.