A company has a single AWS account and uses an Amazon EC2 instance to test application code. The company recently discovered that the instance was compromised and was serving malware. Analysis showed that the instance was compromised 35 days ago. A security engineer must implement a continuous monitoring solution that automatically notifies the security team by email for high severity findings as soon as possible. Which combination of steps should the security engineer take to meet these requirements? (Select THREE.)
Correct Answer: B,C,E
Amazon GuardDuty provides continuous threat detection for compromised instances by analyzing VPC Flow Logs, DNS logs, and CloudTrail events. According to AWS Certified Security - Specialty guidance, GuardDuty is the fastest service to enable for detecting malware and compromised EC2 instances.

To notify the security team, Amazon SNS provides a native email notification mechanism with minimal setup.

Amazon EventBridge integrates directly with GuardDuty findings and can filter based on severity. Creating an EventBridge rule that matches high severity GuardDuty findings and publishes to SNS ensures immediate notification.

Security Hub is not required for this use case and adds additional setup time. Amazon SQS does not support email subscriptions.

Referenced AWS Specialty Documents: AWS Certified Security - Specialty Official Study Guide; Amazon GuardDuty Findings and Severity; Amazon EventBridge Integration with GuardDuty
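The severity filter described in the explanation, as an added example that is not part of the original page: an EventBridge event pattern for GuardDuty findings with severity 7 or higher (the start of GuardDuty's High range), checked against sample events. The `matches` helper is a hypothetical local evaluator covering only the pattern syntax used here, and the sample events are constructed.

```python
import operator

# EventBridge event pattern: GuardDuty findings with severity >= 7.
# JSON-encoded, this dict is the EventPattern of the rule whose target
# is the SNS topic the security team subscribes to by email.
HIGH_SEVERITY_PATTERN = {
    "source": ["aws.guardduty"],
    "detail-type": ["GuardDuty Finding"],
    "detail": {"severity": [{"numeric": [">=", 7]}]},
}

_OPS = {">=": operator.ge, ">": operator.gt, "<=": operator.le,
        "<": operator.lt, "=": operator.eq}

def _value_matches(value, candidates):
    """True if value satisfies any candidate (literal or numeric filter)."""
    for cand in candidates:
        if isinstance(cand, dict) and "numeric" in cand:
            if isinstance(value, bool) or not isinstance(value, (int, float)):
                continue
            terms = cand["numeric"]  # e.g. [">=", 7] or [">=", 7, "<", 9]
            if all(_OPS[op](value, b) for op, b in zip(terms[::2], terms[1::2])):
                return True
        elif value == cand:
            return True
    return False

def matches(pattern, event):
    """Hypothetical local evaluator for the subset of pattern syntax above."""
    for key, rule in pattern.items():
        if key not in event:
            return False
        if isinstance(rule, dict):
            if not isinstance(event[key], dict) or not matches(rule, event[key]):
                return False
        elif not _value_matches(event[key], rule):
            return False
    return True

def make_event(severity, finding_type):  # builds a constructed sample event
    return {"source": "aws.guardduty", "detail-type": "GuardDuty Finding",
            "detail": {"severity": severity, "type": finding_type}}

SAMPLES = [make_event(8, "Backdoor:EC2/C&CActivity.B!DNS"),
           make_event(5, "Recon:EC2/Portscan"),
           make_event(2, "Policy:IAMUser/RootCredentialUsage")]

def notified_types(events):
    return [e["detail"]["type"] for e in events if matches(HIGH_SEVERITY_PATTERN, e)]
```

Testing the pattern locally like this catches a common mistake before deployment: writing the severity as a literal list such as `[7, 8]`, which misses fractional severities that the numeric comparison covers.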