Q36 — AWS SCS-C02 Ch.1

Question 36 of 100 | ← Chapter 1

A company is migrating container workloads from a data center to Amazon Elastic ContainerService(Amazon ECS)custers.The company must implement a solution to detect potential threats in the workloads and to improve the security posture of the container clusters. Which solution will meetthese requirements?

Correct Answer: B. Enable Amazon GuardDuty Runtime Monitoring on the ECS clusters.

Explanation

题目要求提升Amazon ECS容器集群的安全态势并检测潜在威胁。Amazon GuardDuty Runtime Monitoring专为容器设计,持续扫描运行时环境中的恶意活动、异常API调用及可疑进程行为,如加密货币挖矿、权限提升。它直接集成到ECS集群,无需额外配置代理,可识别容器特有的威胁。AWS官方文档指出GuardDuty Runtime Monitoring增强了对容器工作负载的威胁检测能力。选项A的Amazon Inspector侧重于漏洞评估,非实时威胁监控;选项C的CloudWatch审计API日志属于被动分析;选项D的VPC流日志仅监控网络流量,无法检测容器内部威胁。