Under increased cybersecurity concerns, a company is deploying a near real-time intrusion detection system (IDS) solution. A system must be put in place as soon as possible. The architecture consists of many AWS accounts, and all results must be delivered to a central location.
Which solution will meet this requirement, while minimizing downtime and costs?
A . Deploy a third-party vendor solution to perform deep packet inspection in a transit VP
C . Enable VPC Flow Logs on each VP
D . Set up a stream of the flow logs to a central Amazon Elasticsearch cluster.
E . Enable Amazon Macie on each AWS account and configure central reporting.
F . Enable Amazon GuardDuty on each account as members of a central account.
Answer: D
Explanation:
References: https://aws.amazon.com/blogs/security/how-to-manage-amazon-guardduty-security-findingsacross-multiple-accounts/
Leave a Reply