An organization wants to be alerted when an unauthorized Amazon EC2 instance in its VPC performs a network port scan against other instances in the VPC. When the Security team performs its own internal tests in a separate account by using pre-approved third-party scanners from the AWS Marketplace, the Security team also receives multiple Amazon GuardDuty events from Amazon CloudWatch alerting on its test activities. How can the Security team suppress alerts about authorized security tests while still receiving alerts about the unauthorized activity?
A) Use a filter in AWS CloudTrail to exclude the IP addresses of the Security team's EC2 instances.
B) Add the Elastic IP addresses of the Security team's EC2 instances to a trusted IP list in Amazon GuardDuty.
C) Install the Amazon Inspector agent on the EC2 instances that the Security team uses.
D) Grant the Security team's EC2 instances a role with permissions to call Amazon GuardDuty API operations.
Correct Answer:
Verified