Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 24 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 24
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company hosts a web application on an Apache web server. The application runs on Amazon EC2 instances that are in an Auto Scaling group. The company configured the EC2 instances to send the Apache web server logs to an Amazon CloudWatch Logs group that the company has configured to expire after 1 year.
Recently, the company discovered in the Apache web server logs that a specific IP address is sending suspicious requests to the web application. A security engineer wants to analyze the past week of Apache web server logs to determine how many requests that the IP address sent and the corresponding URLs that the IP address requested.
What should the security engineer do to meet these requirements with the LEAST effort?

  • A. Export the CloudWatch Logs group data to Amazon S3. Use Amazon Macie to query the logs for the specific IP address and the requested URL.
  • B. Configure a CloudWatch Logs subscription to stream the log group to an Amazon OpenSearch Service cluster. Use OpenSearch Service to analyze the logs for the specific IP address and the requested URLs.
  • C. Use CloudWatch Logs Insights and a custom query syntax to analyze the CloudWatch logs for the specific IP address and the requested URLs.
  • D. Export the CloudWatch Logs group data to Amazon S3. Use AWS Glue to crawl the S3 bucket for only the log entries that contain the specific IP address. Use AWS Glue to view the results.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by kk2000 at Oct. 7, 2023, 1:25 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
AgboolaKun
Highly Voted 11 months, 3 weeks ago
Selected Answer: C
The correct answer here is C. Please check the Queries for Apache server logs section of the following document - https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax-examples.html
upvoted 9 times
...
dhewa
Most Recent 2 weeks, 5 days ago
Selected Answer: C
CloudWatch Logs Insights allows you to run queries directly on your log data, making it a quick and efficient way to analyze logs without needing to export or set up additional services. You can use a custom query to filter logs by the specific IP address and extract the requested URLs
upvoted 1 times
...
shailvardhan
4 months, 1 week ago
Selected Answer: C
no doubt it is C
upvoted 1 times
...
i7ovemyself
7 months, 3 weeks ago
A is not the answer as macie is used to scan s3 buckets for PII.
upvoted 2 times
...
Raphaello
9 months, 3 weeks ago
C A classic usage of CloudWatch Logs Insights https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax-examples.html#CWL_QuerySyntax-examples-Apache
upvoted 2 times
...
Aamee
10 months ago
Selected Answer: C
Option C only among all others can only get this sol. done with the 'LEAST' effort as per the ask/reqs.
upvoted 1 times
...
[Removed]
11 months, 1 week ago
Selected Answer: C
Answer is C
upvoted 1 times
...
lalee2
11 months, 1 week ago
Selected Answer: C
C seems to be correct
upvoted 1 times
...
Sumi81
11 months, 2 weeks ago
C is correct
upvoted 2 times
...
kk2000
12 months ago
Correct Answer is C
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel