🔥 3-day streak
AWS Certified Security - Specialty53 / 157
Question 53 of 157
A financial services company stores customer documents in an Amazon S3 bucket that receives uploads from an internet-facing web application. Security engineers want to be automatically alerted when GuardDuty detects that credentials associated with the EC2 instances behind the application are being used from an unusual location or when large volumes of objects are being retrieved in an anomalous pattern that could indicate data exfiltration. Which GuardDuty capability should the team rely on to surface these specific S3-related threats?
Reviewed for accuracy · Report an issueNext question