A company wants continuous, intelligent monitoring of their AWS accounts for compromised instances, unusual API calls, and crypto-mining activity, with minimal setup. Which service should they enable?
A) AWS Config.
B) Amazon GuardDuty.
C) AWS Trusted Advisor.
D) Amazon CloudWatch alarms only.
Correct Answer: B
Explanation: Amazon GuardDuty is a managed threat-detection service that continuously analyzes CloudTrail, VPC Flow Logs, and DNS logs using ML to flag malicious behavior — enabled with one click. (A) Config tracks configuration/compliance. (C) Trusted Advisor gives best-practice checks. (D) CloudWatch alarms require you to define every condition manually.