NSE 7 – Public Cloud Security 6.4 — Question 4

You are deploying Amazon Web Services (AWS) GuardDuty to monitor malicious or unauthorized behaviors related to AWS resources. You will also use the
Fortinet aws-lambda-guardduty script to translate feeds from AWS GuardDuty findings into a list of malicious IP addresses. FortiGate can then consume this list as an external threat feed.
Which Amazon AWS services must you subscribe to in order to use this feature?

Answer options

• A. GuardDuty, CloudWatch, S3, Inspector, WAF, and Shield.
• B. GuardDuty, CloudWatch, S3, and DynamoDB.
• C. Inspector, Shield, GuardDuty, S3, and DynamoDB.
• D. WAF, Shield, GuardDuty, S3, and DynamoDB.

Correct answer: B

Explanation

The correct answer is B because GuardDuty, CloudWatch, and S3 are essential for monitoring and storing findings, while DynamoDB is used for managing the data. The other options include services like Inspector and WAF, which are not necessary for this specific integration with Fortinet's script.