Which solution meets these requirements?
Set up AWS WAF to evaluate suspicious web traffic. Create AWS Lambda functions to log any findings in Amazon CloudWatch and send email notifications to administrators.
Set up AWS Shield to evaluate suspicious web traffic. Create AWS Lambda functions to log any findings in Amazon CloudWatch and send email notifications to administrators.
Deploy Amazon Inspector to monitor the environment and generate findings in Amazon CloudWatch. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify administrators by email.
Deploy Amazon GuardDuty to monitor the environment and generate findings in Amazon CloudWatch. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify administrators by email.
Explanations:
AWS WAF is primarily used for web application firewall protection and does not directly monitor for security breaches or generate security findings related to overall infrastructure.
AWS Shield focuses on DDoS protection rather than detecting security breaches across the entire environment. It does not produce actionable findings for application or infrastructure monitoring.
Amazon Inspector provides vulnerability assessment for specific resources but does not comprehensively monitor traffic or activity across the AWS environment for potential security breaches.
Amazon GuardDuty is designed for threat detection across AWS environments, identifying potential security breaches. It integrates with EventBridge to trigger SNS notifications for administrator alerts.
If I’m not mistaken, the answer is:
Deploy Amazon GuardDuty to monitor the environment and generate findings in Amazon CloudWatch. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify administrators by email.