DOP-C02 Exam QuestionsBrowse all questions from this exam
Go to Exam

DOP-C02 Exam - Question 269

A company's video streaming platform usage has increased from 10,000 users each day to 50,000 users each day in multiple countries. The company deploys the streaming platform on Amazon Elastic Kubernetes Service (Amazon EKS). The EKS workload scales up to thousands of nodes during peak viewing time.

The company's users report occurrences of unauthorized logins. Users also report sudden interruptions and logouts from the platform.

The company wants additional security measures for the entire platform. The company also needs a summarized view of the resource behaviors and interactions across the company's entire AWS environment. The summarized view must show login attempts, API calls, and network traffic. The solution must permit network traffic analysis while minimizing the overhead of managing logs. The solution must also quickly investigate any potential malicious behavior that is associated with the EKS workload.

Which solution will meet these requirements?

Show Answer
Correct Answer: B

To meet the requirements of additional security measures, a summarized view of resource behaviors, and quick investigation of potential malicious behavior, enabling Amazon GuardDuty for EKS Audit Log Monitoring along with Amazon Detective is the most suitable solution. GuardDuty helps monitor and detect security threats, while Amazon Detective provides a summarized view of login attempts, API calls, and network traffic. Additionally, Detective allows for easier and faster investigation of malicious activities associated with EKS workloads by analyzing and visualizing data from various sources. This approach minimizes the overhead of managing logs and provides comprehensive security insights.

Discussion

4 comments
Sign in to comment
getadroit
Jul 7, 2024

D https://aws.amazon.com/blogs/security/how-to-use-new-amazon-guardduty-eks-protection-findings/

siheomOption: B
Jul 12, 2024

vote B

trungtdOption: B
Jul 15, 2024

https://docs.aws.amazon.com/guardduty/latest/ug/detective-integration.html https://docs.aws.amazon.com/detective/latest/userguide/source-data-types-EKS.html

TEC1Option: B
Jul 16, 2024

B- Guardduty any potential malicious behavior and Amazon Detective summarised view must show login attempts, API calls, and network traffic