Q53 — AWS SAA-C03 Ch.5


Q353. A company that uses AWS has discovered that a former employee has launched large Amazon EC2 instances to mine cryptocurrencies. The company wants to prevent the launch of new large instances. The company needs a solution that sends notifications if instances are used for mining activities. The solution also needs to centrally manage IAM users by using Microsoft Active Directory as an identity provider (IdP). Which solution will meet these requirements?

Correct Answer: A. Use Amazon GuardDuty and Amazon EventBridge to detect mining activities and provide notifications. Implement AWS Organizations and a service control policy (SCP) that denies large instances. Implement single sign-on (SSO) with AWS Directory Service for Microsoft Active Directory as the IdP to manage the users.

Explanation

Option A is the solution that meets the given requirements. Here's a breakdown of why option A is the correct choice:

Amazon GuardDuty is a threat detection service that continuously monitors AWS accounts for malicious activity. By configuring GuardDuty to detect mining activities, the company can identify instances used for mining cryptocurrencies.

Amazon EventBridge can be used to set up event-driven notifications based on events detected by GuardDuty. This ensures that the company receives timely notifications when instances are being used for mining activities.

Implementing AWS Organizations allows for centralized management of multiple AWS accounts within the company's organization. By applying a service control policy (SCP) at the organization level, the company can enforce restrictions on launching large instances, effectively preventing the launch of new instances for mining cryptocurrencies.

To centrally manage IAM users using Microsoft Active Directory as the identity provider (IdP), the company can implement single sign-on (SSO) with AWS Directory Service for Microsoft Active Directory. This integration enables seamless authentication and user management, leveraging the existing Active Directory infrastructure.

Option B is incorrect because it suggests using Amazon Macie instead of Amazon GuardDuty, and Macie is not specifically designed to detect mining activities.

Option C and Option D are incorrect because they suggest using Amazon Cognito instead of AWS Directory Service for Microsoft Active Directory as the IdP, and Cognito is not the recommended approach for integrating with Microsoft Active Directory.
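
As an added example (not part of the original question bank), the Python below builds the SCP and the EventBridge event pattern that the explanation describes and checks both locally against constructed inputs. The instance-type allow-list and the sample events are assumptions, and the two helpers cover only the condition and pattern operators used here, not full IAM or EventBridge evaluation.

```python
import json

# Assumption: the page does not define "large"; this allow-list is a constructed example.
ALLOWED_TYPES = ["t3.micro", "t3.small", "t3.medium"]
# SCP: deny ec2:RunInstances for any instance type outside the allow-list.
SCP = {"Version": "2012-10-17", "Statement": [{
    "Sid": "DenyNonApprovedInstanceTypes", "Effect": "Deny",
    "Action": "ec2:RunInstances", "Resource": "arn:aws:ec2:*:*:instance/*",
    "Condition": {"StringNotEquals": {"ec2:InstanceType": ALLOWED_TYPES}},
}]}
# EventBridge rule pattern: GuardDuty findings whose type starts with CryptoCurrency:EC2/.
PATTERN = {
    "source": ["aws.guardduty"],
    "detail-type": ["GuardDuty Finding"],
    "detail": {"type": [{"prefix": "CryptoCurrency:EC2/"}]},
}

def scp_denies(instance_type, scp=SCP):
    """Local check of the single condition above (not a full IAM evaluator)."""
    stmt = scp["Statement"][0]
    allowed = stmt["Condition"]["StringNotEquals"]["ec2:InstanceType"]
    return stmt["Effect"] == "Deny" and instance_type not in allowed

def matches(pattern, event):
    """Subset of EventBridge matching: nested objects, exact values, prefix."""
    for key, want in pattern.items():
        have = event.get(key)
        if isinstance(want, dict):
            if not isinstance(have, dict) or not matches(want, have):
                return False
        elif not isinstance(have, str) or not any(
            have.startswith(w["prefix"]) if isinstance(w, dict) else have == w
            for w in want
        ):
            return False
    return True

# Constructed sample events (not real findings).
EVENTS = [
    {"source": "aws.guardduty", "detail-type": "GuardDuty Finding",
     "detail": {"type": "CryptoCurrency:EC2/BitcoinTool.B!DNS", "severity": 8}},
    {"source": "aws.guardduty", "detail-type": "GuardDuty Finding",
     "detail": {"type": "Recon:EC2/PortProbeUnprotectedPort", "severity": 2}},
]

if __name__ == "__main__":
    print(json.dumps(SCP, indent=2))      # policy document to attach as the SCP
    print(json.dumps(PATTERN, indent=2))  # event pattern for the EventBridge rule
    for e in EVENTS:
        print(e["detail"]["type"], "->", "notify" if matches(PATTERN, e) else "ignore")
```

An allow-list with `StringNotEquals` also blocks instance types released after the policy was written, which a deny-list of named large types would miss.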