Question

Which of the following data sources are used by Amazon Detective to analyze events and identify potential security issues?

1. AWS CloudTrail logs, Amazon VPC Flow Logs and Amazon GuardDuty findings
2. Amazon CloudWatch Logs, Amazon VPC Flow Logs and Amazon GuardDuty findings
3. Amazon CloudWatch Logs, AWS CloudTrail logs and Amazon Inspector logs
4. Amazon CloudWatch Logs, AWS CloudTrail logs and S3 Access Logs

Answer 1

Amazon Detective uses AWS CloudTrail logs, Amazon VPC Flow Logs, and Amazon GuardDuty findings to analyze events and spot security issues. The correct answer is option 1: AWS CloudTrail logs, Amazon VPC Flow Logs, and Amazon GuardDuty findings. Amazon Detective uses these data sources to analyze events and identify potential security issues.

Step-by-step explanation:

The data sources used by Amazon Detective to analyze events and identify potential security issues are:

1. AWS CloudTrail logs
2. Amazon VPC Flow Logs
3. Amazon GuardDuty findings

Amazon Detective integrates these data sources to provide a unified view of the resources, user activities, and API usage in the AWS environment, which helps in identifying and investigating security incidents more efficiently.