🔥 40% Off Crucial Exams Memberships — This Week Only

2 days, 12 hours remaining!
Crucial Exams

ISC2 Systems Security Certified Practitioner (SSCP) Practice Question

An enterprise manages 25 AWS accounts through AWS Organizations. The security operations center needs to ingest a commercial IP and domain threat feed once and have it applied automatically across all accounts so Amazon GuardDuty can detect related activity, without operating extra infrastructure or running periodic scripts. Which solution best meets this requirement?

  • Designate a delegated GuardDuty administrator account, enable organization-wide GuardDuty, and create the external indicators as Threat Intelligence Sets in that account so they replicate to all member detectors.

  • Deploy an EC2 instance running an open-source threat platform in each account that retrieves the feed and pushes indicators to the local GuardDuty detector via API.

  • Enable AWS Security Hub cross-account aggregation and import the feed as custom findings in the master account, relying on Security Hub to forward indicators to GuardDuty for every member.

  • Store the feed in a central S3 bucket and create an AWS Config organization rule that invokes a Lambda function in each account to update GuardDuty threat lists hourly.

ISC2 Systems Security Certified Practitioner (SSCP)
Risk Identification, Monitoring and Analysis
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot