SCS-C02 · Question #472
SCS-C02 Question #472: Real Exam Question with Answer & Explanation
The correct answer is B: Enable Amazon GuardDuty. Create an Amazon EventBridge rule to send alerts to the SNS topic. Amazon GuardDuty includes built-in threat detection capabilities that can identify suspicious activity such as cryptocurrency mining. When GuardDuty detects cryptocurrency-related activity, it generates a finding that can be used to trigger alerts. By configuring an Amazon EventB
Question
A security engineer needs to implement a solution to determine whether a company's Amazon EC2 instances are being used to mine cryptocurrency. The solution must provide notifications of cryptocurrency-related activity to an Amazon Simple Notification Service (Amazon SNS) topic. Which solution will meet these requirements?
Options
- ACreate AWS Config custom rules by using Guard custom policy. Configure the AWS Config rules
- BEnable Amazon GuardDuty. Create an Amazon EventBridge rule to send alerts to the SNS topic
- CEnable Amazon Inspector. Create an Amazon EventBridge rule to send alerts to the SNS topic
- DEnable VPC flow logs. Send the flow logs to an Amazon S3 bucket. Set up a query in Amazon
Explanation
Amazon GuardDuty includes built-in threat detection capabilities that can identify suspicious activity such as cryptocurrency mining. When GuardDuty detects cryptocurrency-related activity, it generates a finding that can be used to trigger alerts. By configuring an Amazon EventBridge rule to capture these specific findings and send notifications to an SNS topic, the solution provides real-time alerts for cryptocurrency mining activity on EC2 instances.
Community Discussion
No community discussion yet for this question.