SCS-C02 Domain 1: Detection

What is the MOST appropriate AWS solution to detect malicious API activity?

Multiple choice — select one answer

Answer choices

  1. a. GuardDuty IAM anomaly findings
  2. b. GuardDuty Malware Protection
  3. c. Amazon GuardDuty
  4. d. AWS Security Hub

Architectural breakdown & explanation

GuardDuty analyzes CloudTrail, DNS, and flow logs.

Correct answer(s): c. Amazon GuardDuty

Exam domain: Domain 1: Detection (18% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Security – Specialty bank. Run a full timed practice exam with domain-weighted random questions in your browser.