Detection Questions

Practice questions for the Detection topic in AWS Certified Security - Specialty. 32 questions covering this domain.

32 questions: 8 easy, 17 medium, 7 hard
Q1
medium

A team wants broad, continuous visibility into where sensitive data might exist across its Amazon S3 estate before deciding which buckets need deeper ...

Q2
easy

A company needs a searchable, downloadable, and immutable record of the last 90 days of management events in a single AWS Region without first creatin...

Q3
easy

A security team enables Amazon GuardDuty in an AWS account for the first time. Which data sources does GuardDuty start analyzing automatically as foun...

Q4
hard

A security engineer wants to detect multi-stage attacks across multiple data sources in an AWS account without paying extra for that specific GuardDut...

Q5
hard

A responder integrates Amazon Detective with Amazon Security Lake. Which raw log sources does Detective begin pulling from Security Lake for querying ...

Q6
medium

A security operations team wants a centralized security data lake that normalizes AWS and third-party security events into a common schema and storage...

Q7
medium

A company enables AWS Security Hub CSPM today in one Region. GuardDuty produced findings in that Region last week. What should the team expect after e...

Q8
medium

A compliance team wants a service that continuously evaluates AWS resources as they are created, changed, or deleted and flags resources as noncomplia...

Q9
hard

A delegated administrator account in AWS Organizations enables Amazon GuardDuty across all member accounts and Regions. According to AWS guidance, wha...

Q10
medium

A team wants AWS Config to package a curated set of rules and remediation actions as a single deployable unit that can be applied across accounts in A...

Q11
medium

A security team wants Amazon Macie to perform a one-time deep scan of a specific Amazon S3 bucket for sensitive data using both managed and custom dat...

Q12
easy

Which AWS service provides a managed dashboard of standardized security best-practice checks (such as CIS, AWS Foundational Security Best Practices, a...

Q13
medium

Which AWS CloudTrail capability detects unusual write management API activity in an account by automatically modeling normal call volumes and surfacin...

Q14
easy

Which Amazon GuardDuty protection plan scans Amazon EBS volumes attached to EC2 instances and ECS workloads for malware when GuardDuty produces a susp...

Q15
medium

A team wants Amazon GuardDuty to continuously analyze container-level processes and network activity inside Amazon EKS, ECS on Fargate, and self-manag...

Q16
medium

A team wants AWS Config to evaluate noncompliant resources and automatically take a remediation action without requiring an external runbook. Which fe...

Q17
medium

A security engineer wants to detect when Amazon S3 GetObject API calls spike to an unusual volume, which may indicate data exfiltration. S3 data event...

Q18
hard

A SIEM team wants to normalize all AWS security events (GuardDuty findings, VPC Flow Logs, CloudTrail logs, Route 53 Resolver logs) into the Open Cybe...

Q19
easy

A security team wants to create custom patterns to detect specific proprietary data formats (such as employee ID or account codes) in Amazon S3 object...

Q20
medium

Which CloudWatch feature lets a team automatically create CloudWatch alarms based on the normal statistical patterns of a metric, rather than requirin...
