🔥 3-day streak
AWS Certified Security - Specialty68 / 184
Question 68 of 184
A security engineer manages a GuardDuty administrator account for 40 member accounts. A widely used vulnerability scanning vendor performs authorized port scans and reconnaissance against the company's EC2 fleet each night, generating hundreds of Recon:EC2/Portscan findings. The engineer wants to prevent these known-benign findings from appearing in the GuardDuty console and from being forwarded to Security Hub and downstream EventBridge automation, while still retaining the ability to review them later if needed. What is the most appropriate approach?
Reviewed for accuracy · Report an issueNext question