Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 131 discussion

My answer is C. Pre-built tools: Leverages pre-built tools like Kinesis Agent for data collection and Firehose for delivery. Flink provides real-time processing capabilities without needing to build custom logic. Managed Services: Utilizes managed services like OpenSearch Service which eliminates the need for manual provisioning and maintenance of an Elasticsearch cluster. Automated Lifecycle Management: OpenSearch Service ISM policy automates data deletion after 365 days, reducing manual intervention.

The correct answer is: C. Install Amazon Kinesis Agent on the on-premises server to send the logs to Amazon Kinesis Data Firehose. Configure Amazon Managed Service for Apache Flink (previously known as Amazon Kinesis Data Analytics) as the destination for real-time processing. Store the logs in Amazon OpenSearch Service for pattern matching and substring search. Configure an OpenSearch Service Index State Management (ISM) policy to delete the data after 365 days. This solution meets all the requirements with the least development overhead. Amazon Kinesis Agent can be used to collect and send logs to Amazon Kinesis Data Firehose, which can handle real-time streaming data. Amazon Managed Service for Apache Flink can be used for real-time processing. The logs can be stored in Amazon OpenSearch Service (formerly known as Amazon Elasticsearch Service), which provides powerful search capabilities. An ISM policy can be configured to automatically delete data after 365 days. The other options either involve more development overhead or do not meet all the requirements.

C A. DynamoDB with Lambda: This option requires building and managing Lambda functions for both real-time analysis and triggering Athena queries. Additionally, DynamoDB might not be the optimal choice for long-term log storage due to its cost structure. B. Amazon MSK: While MSK can handle streaming data, it requires more configuration and potentially custom code for real-time analysis compared to a managed service like AMSK. D. API Gateway and Lambda: This option requires significant development effort to build and manage API Gateway endpoints and Lambda functions for log ingestion and analysis. Additionally, using DynamoDB with federated Athena queries might be less performant for complex log search needs compared to OpenSearch Service.

I think answer is C B is wrong because Amazon Managed Streaming for Apache Kafka (Amazon MSK) is not a service that is installed on-premises, it is a managed service on AWS.