🔥 3-day streak
AWS Certified Security - Specialty62 / 184
Question 62 of 184

A security engineer at a fintech company runs several Amazon EKS clusters that host containerized payment workloads. Leadership wants Amazon GuardDuty to detect threats such as suspicious API calls to the Kubernetes control plane (e.g., anonymous access to sensitive resources) AND malicious process activity occurring inside running containers (e.g., a reverse shell spawned in a pod). The engineer has already enabled GuardDuty in the account. What must the engineer configure to satisfy BOTH detection requirements?

Reviewed for accuracy · Report an issueNext question