SCS-C02 Question #461: Real Exam Question with Answer & Explanation
The correct answer is D: Enable the control plane logs in Amazon EKS. Ensure that the logs are ingested into Amazon.
Question
A company uses Amazon Elastic Kubernetes Service (Amazon EKS) clusters to run its Kubernetes-based applications. The company uses Amazon GuardDuty to protect the applications. EKS Protection is enabled in GuardDuty. However, the corresponding GuardDuty feature is not monitoring the Kubernetes-based applications. Which solution will cause GuardDuty to monitor the Kubernetes-based applications?
Options
- A. Enable VPC flow logs for the VPC that hosts the EKS clusters.
- B. Assign the CloudWatchEventsFullAccess AWS managed policy to the EKS clusters.
- C. Ensure that the AmazonGuardDutyFullAccess AWS managed policy is attached to the GuardDuty
- D. Enable the control plane logs in Amazon EKS. Ensure that the logs are ingested into Amazon
Explanation
Amazon GuardDuty's EKS Protection relies on Amazon EKS control plane logs to monitor Kubernetes activity and detect potential security threats. Enabling control plane logging (e.g., API server logs) in EKS and sending these logs to Amazon CloudWatch allows GuardDuty to analyze the Kubernetes activity, making it possible to detect threats in the EKS clusters.