# AWS-Certified-DevOps-Engineer---Professional-DOP-C02 — Question 428 **Type:** multiple_choice **Topics:** topic_1 ## Question A company runs applications in AWS accounts that are in an organization in AWS Organizations. The applications use Amazon EC2 instances and Amazon S3. The company wants to detect potentially compromised EC2 instances, suspicious network activity, and unusual API activity in its existing AWS accounts and in any AWS accounts that the company creates in the future. When the company detects one of these events, the company wants to use an existing Amazon Simple Notification Service (Amazon SNS) topic to send a notification to its operational support team for investigation and remediation. Which solution will meet these requirements in accordance with AWS best practices? ## Correct Answer _See scenario._ ## Explanation Selected Answer: A Dear Admin, Please Fix the Wrong response here! It´s A: This solution meets all the requirements: Detect potentially compromised EC2 instances, suspicious network activity, and unusual API activity: Amazon GuardDuty is a threat detection service that continuously monitors for malicious or unauthorized behavior. It analyzes events from AWS CloudTrail, Amazon VPC Flow Logs, and DNS logs to detect such activities. Send a notification to the operational support team: Creating an Amazon EventBridge rule that matches GuardDuty findings and then forwarding these to an SNS topic allows for the generation of notifications whenever suspicious activity is detected. Cover future AWS accounts: By designating a GuardDuty administrator account in AWS Organizations, you can manage GuardDuty across all of your existing and future AWS accounts. This ensures that any new account created under the organization is automatically covered by GuardDuty. **Reference:** examtopics_top_comment --- Source: https://hiexam.net/q/amazon/AWS-Certified-DevOps-Engineer---Professional-DOP-C02/428 Practice (tracked): https://hiexam.net/study/AWS-Certified-DevOps-Engineer---Professional-DOP-C02/practice