[Solved] Why does GuardDuty not require you to deploy agents on your EC2 instances to detect threats? — Ans: GuardDuty analyzes network and account activity logs centrally without needing... | AWS

AWS - Advanced Security

Why does GuardDuty not require you to deploy agents on your EC2 instances to detect threats?

AGuardDuty only monitors S3 buckets, so agents are unnecessary

BGuardDuty uses Lambda functions installed on each instance instead

CGuardDuty analyzes network and account activity logs centrally without needing agents

DGuardDuty requires manual log uploads, so agents are redundant

Step-by-Step Solution

Solution:

Step 1: Understand GuardDuty architecture
GuardDuty analyzes VPC flow logs, CloudTrail, and DNS logs centrally, so no agents are needed on instances.
Step 2: Exclude incorrect options
GuardDuty does not use Lambda on instances, does not only monitor S3, and does not require manual log uploads.
Final Answer:
GuardDuty analyzes network and account activity logs centrally without needing agents -> Option C
Quick Check:
Agentless detection = A [OK]

Quick Trick: GuardDuty is agentless, using centralized log analysis [OK]

Common Mistakes:

Master "Advanced Security" in AWS

9 interactive learning modes - each teaches the same concept differently

More AWS Quizzes

Why does GuardDuty not require you to deploy agents on your EC2 instances to detect threats?