SCS-C02 · Question #253
SCS-C02 Question #253: Real Exam Question with Answer & Explanation
The correct answer is D: Enable Amazon GuardDuty Use EKS Audit Log Monitoring.. Amazon GuardDuty is a managed threat detection service that provides security monitoring and threat detection for AWS environments, including Amazon EKS. GuardDuty recently introduced EKS Audit Log Monitoring, which automatically detects suspicious activity and potential security
Question
A company needs to delect unauthenticated access to its Amazon Elastic Kubernetes Service (Amazon EKS) clusters. The company needs a solution that requires no additional configuration ot the existing EKS deployment. Which solution will meet these requirements with the LEAST operational effort?
Options
- AInstall an Amazon EKS add-on from a security vendor.
- BEnable AWS Security Hub Monitor the Kubernetes findings
- CMonitor Amazon CloudWatch Container Insights metrics for Amazon EKS.
- DEnable Amazon GuardDuty Use EKS Audit Log Monitoring.
Explanation
Amazon GuardDuty is a managed threat detection service that provides security monitoring and threat detection for AWS environments, including Amazon EKS. GuardDuty recently introduced EKS Audit Log Monitoring, which automatically detects suspicious activity and potential security threats (including unauthenticated access attempts) within EKS This solution requires no changes to the existing EKS deployment and offers built-in detection capabilities with minimal operational overhead.
Community Discussion
No community discussion yet for this question.