Project team enhancing the security features of a banking application, requires implementing a threat detection service that continuously monitors malicious activities and unauthorized behaviors to protect AWS accounts, workloads, and data stored in Amazon S3
Which AWS services should the project team select?
Click on the arrows to vote for the correct answer
A. B. C. D.Answer: C.
Option A is INCORRECT.
AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.
Option B is INCORRECT.
AWS Firewall Manager is a security management service that allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization.
Option C is CORRECT.
Amazon GuardDuty is a threat detection service that continuously monitors malicious activities and unauthorized behaviors to protect your AWS accounts, workloads, and data stored in Amazon S3.
Option D is INCORRECT.
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.
Reference:
https://aws.amazon.com/guardduty/ https://aws.amazon.com/firewall-manager/ https://aws.amazon.com/shield/ https://aws.amazon.com/inspector/The project team is enhancing the security features of a banking application and wants to implement a threat detection service that continuously monitors malicious activities and unauthorized behaviors to protect AWS accounts, workloads, and data stored in Amazon S3. To achieve this, the team needs to select the right AWS services that can help them monitor and protect their infrastructure effectively.
Let's take a look at the four possible options provided in the answer choices:
A. AWS Shield - AWS Shield is a managed service that provides protection against Distributed Denial of Service (DDoS) attacks. While it's a useful service for protecting against DDoS attacks, it doesn't provide the continuous monitoring and threat detection capabilities that the project team is looking for. Hence, it is not the right choice in this scenario.
B. AWS Firewall Manager - AWS Firewall Manager is a service that makes it easy to centrally configure and manage AWS WAF (Web Application Firewall) rules across your accounts and applications. While it's a useful service for managing firewall rules, it doesn't provide the continuous monitoring and threat detection capabilities that the project team is looking for. Hence, it is not the right choice in this scenario.
C. Amazon GuardDuty - Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect AWS accounts, workloads, and data stored in Amazon S3. It uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize security findings. It also provides detailed findings and integrates with AWS security services for automated remediation. This service aligns perfectly with the project team's requirements and is the right choice in this scenario.
D. Amazon Inspector - Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It analyzes the behavior of applications to identify potential security issues, vulnerabilities, and deviations from best practices. While it's a useful service for automated security assessments, it doesn't provide the continuous monitoring and threat detection capabilities that the project team is looking for. Hence, it is not the right choice in this scenario.
Therefore, the project team should select Amazon GuardDuty as the AWS service to implement the continuous monitoring and threat detection capabilities required to protect their AWS accounts, workloads, and data stored in Amazon S3.