Practice free →
HomeAWS Cloud Practitionercloudcomputingsecuritycompliance › An organization wants to detect threats like unu…

An organization wants to detect threats like unusual API calls, compromised EC2 instances, or potentially exposed credentials by analyzing CloudTrail, VPC Flow Logs, and DNS logs with machine learning. Which AWS service is designed for exactly this?

AAWS WAF
BAWS Trusted Advisor
CAmazon Macie
DAmazon GuardDuty
Answer & Solution
Correct answer: D. Amazon GuardDuty
GuardDuty is the managed threat-detection service that continuously analyzes CloudTrail, VPC Flow Logs, and DNS logs with ML for malicious or anomalous activity. WAF is layer-7 web filtering, Trusted Advisor is a configuration auditor, and Macie focuses on discovering sensitive data in S3.
Solve this in the app — AWS Cloud Practitioner practice & 24k+ MCQs →
Related questions