A company has enabled Amazon GuardDuty in all AWS Regions as part of its security...

Amazon Web Services SCS-C02 Question Answer

A company has enabled Amazon GuardDuty in all AWS Regions as part of its security monitoring strategy. In one of its VPCs, the company hosts an Amazon EC2 instance that works as an FTP server. A high number of clients from multiple locations contact the FTP server. GuardDuty identifies this activity as a bruteforce attack because of the high number of connections that happen every hour.

The company has flagged the finding as a false positive, but GuardDuty continues to raise the issue. A security engineer must improve the signal-to-noise ratio without compromising the companys visibility of potential anomalous behavior.

Which solution will meet these requirements?

Disable the FTP rule in GuardDuty in the Region where the FTP server is deployed.

Add the FTP server to a trusted IP list. Deploy the list to GuardDuty to stop receiving the notifications.

Create a suppression rule in GuardDuty to filter findings by automatically archiving new findings that match the specified criteria.

Create an AWS Lambda function that has the appropriate permissions to de-lete the finding whenever a new occurrence is reported.

Amazon Web Services SCS-C02 View All Questions

Amazon Web Services SCS-C02 Summary

Vendor: Amazon Web Services
Product: SCS-C02
Update on: Dec 19, 2025
Questions: 467

Price: $52.5 ~~$149.99~~

Buy Now SCS-C02 PDF + Testing Engine Pack

A company is migrating its Amazon EC2 based applications to use Instance Metadata Service Version...

A security engineer is setting up an AWS CloudTrail trail for all regions in an...

New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A company has enabled Amazon GuardDuty in all AWS Regions as part of its security...

The Answer Is:

Explanation:

Amazon Web Services SCS-C02 Summary

Payments We Accept

Contact Us