🔥 3-day streak
AWS Certified Security - Specialty40 / 157
Question 40 of 157
A security team runs a production workload across two AWS Regions. During a suspected compromise, responders discovered that their automated containment Lambda (triggered by EventBridge) failed to execute because the finding originated in the secondary Region, where no EventBridge rule or Lambda existed. The team wants to ensure that any GuardDuty finding in ANY Region reliably invokes a single centralized containment workflow, while minimizing ongoing operational overhead and duplicated code. Which approach best meets these requirements?
Reviewed for accuracy · Report an issueNext question