Multiple Choice
A company has Windows Amazon EC2 instances in a VPC that are joined to on-premises Active Directory servers for domain services. The security team has enabled Amazon GuardDuty on the AWS account to alert on issues with the instances. During a weekly audit of network traffic, the Security Engineer notices that one of the EC2 instances is attempting to communicate with a known command-and-control server but failing. This alert does not show up in GuardDuty. Why did GuardDuty fail to alert to this behavior?
A) GuardDuty did not have the appropriate alerts activated.
B) GuardDuty does not see these DNS requests.
C) GuardDuty only monitors active network traffic flow for command-and-control activity.
D) GuardDuty does not report on command-and-control activity.
Correct Answer:
Verified
Correct Answer:
Verified
Q214: A company has complex connectivity rules governing
Q215: An Amazon S3 bucket is encrypted using
Q216: A company's security information events management (SIEM)
Q217: A distributed web application is installed across
Q218: The Security Engineer implemented a new vault
Q220: The Security Engineer created a new AWS
Q221: A company needs to encrypt all of
Q222: A Security Administrator at a university is
Q223: Some highly sensitive analytics workloads are to
Q224: A company uses AWS Organization to manage