🔥 3-day streak
AWS Certified Security - Specialty65 / 184
Question 65 of 184
A security team enables GuardDuty Malware Protection for EC2. GuardDuty generates an 'Execution:EC2/MaliciousFile' finding after scanning an EBS volume attached to a production instance and detecting a trojan. The team wants an automated, least-disruptive first response that preserves the ability to investigate while preventing the malware from spreading laterally, and they must ensure the finding and any related activity remain fully investigable afterward. Which approach best meets these requirements?
Reviewed for accuracy · Report an issueNext question