🔥 3-day streak
AWS Certified Security - Specialty15 / 184
Question 15 of 184
A security team wants to detect unusual patterns in API call volume and error rates across their AWS account, such as a sudden spike in IAM policy modifications or an unusual burst of TerminateInstances calls that could indicate compromised credentials. They already have a management events trail enabled but no automated way to surface anomalous behavior. They do not want to build and maintain custom baselining logic or manually tune CloudWatch metric filters for every API. Which approach best meets this requirement with the least operational overhead?
Reviewed for accuracy · Report an issueNext question