Amazon GuardDuty | Service Overview Flashcards

1
Q

What is Amazon GuardDuty?

Service Overview

Amazon GuardDuty | Security, Identity & Compliance

A

Amazon GuardDuty offers threat detection that enables you to continuously monitor and protect your AWS accounts and workloads. GuardDuty analyzes continuous streams of metadata generated from your account and network activity found in AWS CloudTrail Events, Amazon VPC Flow Logs, and DNS Logs. It also uses integrated threat intelligence such as known malicious IP addresses, anomaly detection, and machine learning to identify threats more accurately.

2
Q

What are the key benefits of Amazon GuardDuty?

A

Amazon GuardDuty makes it easy for you to enable continuous monitoring of your AWS accounts and workloads. It operates completely independently from your resources so there is no risk of performance or availability impacts to your workloads. It’s fully managed with integrated threat intelligence, anomaly detection, and machine learning. Amazon GuardDuty delivers detailed and actionable alerts that are easy to integrate with existing event management and workflow systems. There are no upfront costs and you pay only for the events analyzed, with no additional software to deploy or subscriptions to threat intelligence feeds required.

3
Q

How much does Amazon GuardDuty cost?

A

Amazon GuardDuty is priced along two dimensions. The dimensions are based on the quantity of AWS CloudTrail Events analyzed (per 1,000,000 events) and the volume of Amazon VPC Flow Logs and DNS Logs analyzed (per GB).

AWS CloudTrail Event analysis – GuardDuty continuously analyzes AWS CloudTrail management events, monitoring all access and behavior of your AWS accounts and infrastructure. CloudTrail Event analysis is charged per 1,000,000 events per month and pro-rated.

VPC Flow Log and DNS Log analysis – GuardDuty continuously analyzes VPC Flow Logs and DNS requests and responses to identify malicious, unauthorized, or unexpected behavior in your Amazon EC2 instances. Flow log and DNS log analysis is charged per Gigabyte (GB) per month. Flow log and DNS log analysis is offered with tiered volume discounts.

There are no upfront charges and you pay only for the data analyzed.

See Amazon GuardDuty pricing for details and pricing examples.

4
Q

Is there a free trial?

A

Yes, any account new to Amazon GuardDuty can try the service for 30 days at no cost. You will have access to the full feature set and detections during the free trial. GuardDuty will display the volume of data processed and estimated daily average service charges for your account. This makes it easy for you to experience Amazon GuardDuty at no cost and forecast the cost of the service beyond the free trial.

5
Q

What is the difference between Amazon GuardDuty and Amazon Macie?

A

Amazon GuardDuty provides broad protection of your AWS accounts, workloads, and data by helping to identify threats such as attacker reconnaissance, instance compromise, and account compromise. Amazon Macie helps you protect your data in Amazon S3 by helping you classify what data you have, the value that data has to the business, and the behavior associated with access to that data. Both services incorporate user behavior analysis, machine learning, and anomaly detection to detect threats in their respective categories.

6
Q

Is Amazon GuardDuty a regional or global service?

A

Amazon GuardDuty is a regional service. Even when multiple accounts are enabled and multiple regions are used, the Amazon GuardDuty security findings remain in the same regions where the underlying data was generated. This ensures all data analyzed is regionally based and doesn’t cross AWS regional boundaries. Customers can choose to aggregate security findings produced by Amazon GuardDuty across regions by utilizing AWS CloudWatch Events, pushing findings to a data store in the customer’s control, like Amazon S3, and then aggregating findings as they see fit.

7
Q

What regions does Amazon GuardDuty support?

A

The regional availability of Amazon GuardDuty is listed in the AWS Region Table.
