CLF-C02 Question #59: Real Exam Question with Answer & Explanation

Question

A company wants to use machine learning capabilities to analyze log data from its Amazon EC2 instances and efficiently conduct security investigations. Which AWS service will meet these requirements?

Options

• AAmazon Inspector
• BAmazon QuickSight
• CAmazon Detective
• DAmazon GuardDuty

Explanation

Explanation

Amazon Detective is correct because it is specifically designed to analyze, investigate, and visualize security data using machine learning, statistical analysis, and graph theory - making it ideal for conducting efficient security investigations from log sources like EC2 instance logs, VPC Flow Logs, and CloudTrail data.

Why the distractors are wrong:

• Amazon Inspector (A) is a vulnerability assessment service that scans EC2 instances for software vulnerabilities and unintended network exposure - it does not perform ML-driven log analysis for investigations.
• Amazon QuickSight (B) is a business intelligence and data visualization tool used for creating dashboards and reports, not a security investigation service.
• Amazon GuardDuty (D) uses ML to detect threats and generate findings, but it is focused on threat detection rather than the deeper forensic investigation of security incidents - Detective is typically used after GuardDuty raises an alert.

🧠 Memory Tip: Think of it like a crime drama - GuardDuty is the patrol officer who spots suspicious activity, while Detective is the investigator who digs deeper to piece together what actually happened. If the question mentions investigating or analyzing security findings, think Detective.

No community discussion yet for this question.