Your company is hosting a set of EC2 Instances on AWS. They want to have the ability to detect if any port scans occur on their AWS EC2 Instances. Which of the following can help in this regard?

Answer options:

A.Use AWS Macie to inspect the instances for port scans consciously.
B.Use AWS Trusted Advisor to notify of any malicious port scans.
C.Use AWS Config to notify of any malicious port scans.
D.Use AWS GuardDuty to monitor any malicious port scans.

Answer: D
Option A is incorrect because Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. It cannot assist with a detailed port scanning to determine which ports on a network are open and could be receiving or sending data and identify vulnerabilities.
Option B is incorrect because Trusted Advisor inspects your AWS environment and makes recommendations for saving money, improving system performance, or closing security gaps. It cannot assist with a detailed port scanning to determine which ports on a network are open and could be receiving or sending data and identify vulnerabilities.
Option C is incorrect because AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources but does not help with port scanning on our AWS resource and Infrastructure.
Option D is CORRECT because, In combination with information gleaned from your VPC Flow Logs, AWS CloudTrail Event Logs, and DNS logs, GuardDuty can detect many different types of dangerous and mischievous behavior, including probes for known vulnerabilities, port scans, and access from unusual locations.
For more information on AWS GuardDuty, kindly refer to the following URL:
https://aws.amazon.com/blogs/aws/amazon-guardduty-continuous-security-monitoring-threat-detection/