A company experienced a breach from an attacker on its on-premises network. The attacker launched port scanning, waged on outbound Do5 attack, and performed cryptocurrency mining. The company is moving to AWS to build a more resilient architecture that monitors and remediates this type the attack on the account level.
How should the company use AWS services to meet these requirements?
A . Enable Amazon GuardDuty to generate findings. Trigger AWS Lambda for automated remediation of identified threats.
B . Enable AWS Config and configure policies to monitor against breaches. Trigger AWS Lambda for automated remediation of noncompliant resources.
C . Enable Amazon Macie to identify and classify security threats. Configure events in Amazon EventBridge (Amazon CloudWatch Events) to trigger actions based on the severity of threats.
D . Enable Amazon inspector to generate assessment reports. Configure events in Amazon EventBridge (Amazon CloudWatch Events) to trigger actions based on identified threat.
Answer: A
Leave a Reply