ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your security team needs near-real-time detection of compromised IAM credentials. The solution must apply machine-learning behavior analytics to AWS CloudTrail management events, VPC Flow Logs, and Route 53 DNS query logs, then automatically deliver security findings to a central AWS account for triage. Which AWS managed service best meets these requirements while requiring minimal ongoing administration?
AWS Config with custom Lambda rules
Amazon GuardDuty
Amazon Inspector
Ad-hoc Amazon Athena queries against AWS CloudTrail event history
Amazon GuardDuty continuously ingests AWS CloudTrail, VPC Flow Logs, and DNS query logs, then applies machine-learning-based behavioral analytics and threat-intelligence feeds to identify anomalous or malicious activity such as stolen IAM credentials. Findings are generated and can be centrally aggregated across multiple accounts with GuardDuty's multi-account feature, providing near-real-time detection with no infrastructure to manage.
AWS Config evaluates resource compliance but does not use ML for behavior-based threat detection. Amazon Inspector focuses on vulnerability assessments of EC2 instances and container images, not log analytics. Querying CloudTrail logs in Athena is manual and lacks built-in ML models or continuous monitoring, making it unsuitable for real-time automated detection.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Amazon GuardDuty and how does it detect threats?
Open an interactive chat with Bash
How does GuardDuty's multi-account feature work in a security setup?
Open an interactive chat with Bash
What makes GuardDuty different from AWS Config and Amazon Inspector in security monitoring?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .