AWS Certified SysOps Administrator – Associate — Question 61

A company needs to automatically monitor an AWS account for potential unauthorized AWS Management Console logins from multiple geographic locations.

Which solution will meet this requirement?

Answer options

• A. Configure Amazon Cognito to detect any compromised IAM credentials.
• B. Set up Amazon Inspector. Scan and monitor resources for unauthorized logins.
• C. Set up AWS Config. Add the iam-policy-blacklisted-check managed rule to the account.
• D. Configure Amazon GuardDuty to monitor the UnauthorizedAccess:IAMUser/ConsoleLoginSuccess.B finding.

Correct answer: D

Explanation

The correct answer is D because Amazon GuardDuty is specifically designed to detect and respond to unauthorized access, including console logins from unusual locations. Options A and B do not directly address monitoring login attempts, while option C is not tailored to tracking unauthorized access in this context.