CLF-C02 Domain 2: Security and Compliance

Amazon GuardDuty uses primarily:

Multiple choice — select one answer

Answer choices

  1. a. Threat detection based on logs and activity
  2. b. Configuring security groups on EC2, while leaving refresh tokens and OAuth consent grants active pending user callback, without security or identity team coordination per policy.
  3. c. Assess, audit, and evaluate configurations of AWS resources, using shared credentials instead of individual accountability.
  4. d. Creating and managing encryption keys, using password reset alone and deferring session revocation until the next business day

Architectural breakdown & explanation

GuardDuty analyzes CloudTrail, VPC Flow Logs, and DNS logs for threats.

Correct answer(s): a. Threat detection based on logs and activity

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.