ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified DevOps Engineer - Professional DOP-C02 All Questions

View all questions & answers for the AWS Certified DevOps Engineer - Professional DOP-C02 exam
Go to Exam

Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 103 discussion

Exam question from Amazon's AWS Certified DevOps Engineer - Professional DOP-C02
Question #: 103
Topic #: 1
[All AWS Certified DevOps Engineer - Professional DOP-C02 Questions]

A company’s DevOps engineer is working in a multi-account environment. The company uses AWS Transit Gateway to route all outbound traffic through a network operations account. In the network operations account, all account traffic passes through a firewall appliance for inspection before the traffic goes to an internet gateway.

The firewall appliance sends logs to Amazon CloudWatch Logs and includes event severities of CRITICAL, HIGH, MEDIUM, LOW, and INFO. The security team wants to receive an alert if any CRITICAL events occur.

What should the DevOps engineer do to meet these requirements?

  • A. Create an Amazon CloudWatch Synthetics canary to monitor the firewall state. If the firewall reaches a CRITICAL state or logs a CRITICAL event, use a CloudWatch alarm to publish a notification to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the security team’s email address to the topic.
  • B. Create an Amazon CloudWatch metric filter by using a search for CRITICAL events. Publish a custom metric for the finding. Use a CloudWatch alarm based on the custom metric to publish a notification to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the security team’s email address to the topic.
  • C. Enable Amazon GuardDuty in the network operations account. Configure GuardDuty to monitor flow logs. Create an Amazon EventBridge event rule that is invoked by GuardDuty events that are CRITICAL. Define an Amazon Simple Notification Service (Amazon SNS) topic as a target. Subscribe the security team’s email address to the topic.
  • D. Use AWS Firewall Manager to apply consistent policies across all accounts. Create an Amazon EventBridge event rule that is invoked by Firewall Manager events that are CRITICAL. Define an Amazon Simple Notification Service (Amazon SNS) topic as a target. Subscribe the security team’s email address to the topic.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by devnv at May 14, 2023, 11:52 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
2pk
Highly Voted 1 year, 5 months ago
Selected Answer: B
The logs from the firewall appliance are already being sent to Amazon CloudWatch Logs. So , The best approach to meet the given requirements is to create an Amazon CloudWatch metric filter by using a search for CRITICAL events
upvoted 7 times
...
habros
Highly Voted 1 year, 3 months ago
B. As the appliance pipes to CW Logs for consolidation. Define an alarm listening to the metric and should be okay. D is ONLY CORRECT IF YOU ARE USING AWS FIREWALL MANAGER.
upvoted 5 times
...
seetpt
Most Recent 5 months, 4 weeks ago
Selected Answer: B
I think B
upvoted 1 times
...
dkp
6 months, 2 weeks ago
Selected Answer: B
answer B
upvoted 2 times
...
thanhnv142
8 months, 4 weeks ago
B is correct: <firewall appliance sends logs to Amazon CloudWatch Logs> means we already have the log in CW logs, only need to create alarm on these log files and send to sends A: No need to monitor the state of the firewall C and D: no mention of CloudWatch Logs
upvoted 4 times
...
OrganizedChaos25
1 year, 5 months ago
B is the correct answer
upvoted 1 times
...
devnv
1 year, 5 months ago
B is correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago