🔥 3-day streak
AWS Certified Security - Specialty45 / 157
Question 45 of 157

A security team manages several Amazon EKS clusters and wants GuardDuty to detect suspicious activity such as anonymous API access, privileged container launches, and use of exposed Kubernetes credentials by analyzing control-plane activity. They do not want to deploy any agents onto the worker nodes at this stage. Which GuardDuty capability should they enable to meet this requirement?

Reviewed for accuracy · Report an issueNext question