ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 611 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 611
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A company's web application consists of multiple Amazon EC2 instances that run behind an Application Load Balancer in a VPC. An Amazon RDS for MySQL DB instance contains the data. The company needs the ability to automatically detect and respond to suspicious or unexpected behavior in its AWS environment. The company already has added AWS WAF to its architecture.
What should a solutions architect do next to protect against threats?

  • A. Use Amazon GuardDuty to perform threat detection. Configure Amazon EventBridge (Amazon CloudWatch Events) to filter for GuardDuty findings and to invoke an AWS Lambda function to adjust the AWS WAF rules.
  • B. Use AWS Firewall Manager to perform threat detection. Configure Amazon EventBridge (Amazon CloudWatch Events) to filter for Firewall Manager findings and to invoke an AWS Lambda function to adjust the AWS WAF web ACL.
  • C. Use Amazon Inspector to perform threat detection and to update the AWS WAF rules. Create a VPC network ACL to limit access to the web application.
  • D. Use Amazon Macie to perform threat detection and to update the AWS WAF rules. Create a VPC network ACL to limit access to the web application.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by guptatrng at Sept. 8, 2022, 5:50 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rodriiviru
2 years, 7 months ago
Selected Answer: A
The company needs the ability to automatically detect and respond to suspicious or unexpected behavior in its AWS environment. -detect and respond -environment I think the answer ir GuardDuty
upvoted 3 times
...
jw1806
2 years, 7 months ago
Selected Answer: C
inspector: • Analyze against unintended network accessibility guardduty: Apply machine learning algorithms and anomaly detections to discover threats so inspector is the choice here.
upvoted 1 times
kelmryan1
1 year ago
That is not what Guard duty does
upvoted 1 times
...
...
praveenas400
2 years, 7 months ago
AWS Inspector for EC2
upvoted 2 times
jw1806
2 years, 7 months ago
that's right, spector for EC2, and Guard duty for accounts
upvoted 1 times
...
...
sivasumanth
2 years, 8 months ago
Selected Answer: A
AWS inspector checks EC2 envs and find any vulnerabilities, Gaurd Duty detect suspicious behaviour in AWS account.
upvoted 3 times
...
guptatrng
2 years, 8 months ago
"detect and respond to suspicious or unexpected behavior" --> Seems reactive approach, best fit for Guard duty. It should be A.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago