Secure Architecture IV
Prepare yourself for the AWS Certified Solutions Architect Associate SAA-C03 Certificate exam by tackling practice questions related to AWS CloudTrail, Amazon GuardDuty, AWS Security Hub, AWS CodeCommit, IAM roles, Amazon Cognito, AWS KMS, and Amazon GuardDuty to design secure architectures.
We'll cover the following
Question 34
A financial services firm is in the process of increasing the security provided to an AWS environment. They call for constant supervision of all API operations timely notification of instances of unauthorized attempts to access the APIs, and a frequent check of the APIs’ security parameters against standard guidelines.
As a solutions architect, suggest a solution that ensures continuous monitoring of API activities, alerts on unauthorized access attempts, and regular security assessments against best practices.
A. Use AWS CloudTrail to track all API activities, Amazon GuardDuty for intelligent security detection, and AWS Security Hub for always-on compliance checks and ensuring that security standards are being followed.
B. Use AWS Config to display details of resources and their changes, AWS IAM Access Analyzer for permission analysis, and Amazon Inspector for security review.
C. Use Amazon Macie to monitor data protection and privacy, AWS Lambda for custom alerting concerning security incidents, and AWS WAF to manage web traffic filtering.
D. Use AWS VPC Flow Logs to enable traffic analysis, AWS Shield to protect against DDoS attacks, and AWS Trusted Advisor to manage costs and performance.
Get hands-on with 1400+ tech skills courses.