What is Amazon GuardDuty and what data sources does it analyze?

AWS Cloud Practitioner Hard

AWS Cloud Practitioner — Hard

What is Amazon GuardDuty and what data sources does it analyze?

Key points

  • GuardDuty uses machine learning for threat detection
  • Analyzes AWS CloudTrail, VPC Flow Logs, DNS logs, and Kubernetes audit logs
  • Identifies malicious activity, unauthorized access, and compromised instances
  • Provides severity level findings for security team response

Ready to go further?

Start full exam Practice more questions

Related questions