Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 131 discussion

A company wants to create a log analytics solution for logs generated from its on-premises devices. The logs are collected from the devices onto a server on premises. The company wants to use AWS services to perform near real-time log analysis. The company also wants to store these logs for 365 days for pattern matching and substring search capabilities later.

Which solution will meet these requirements with the LEAST development overhead?

  • A. Install Amazon Kinesis Agent on the on-premises server to send the logs to Amazon DynamoDB. Configure an AWS Lambda trigger on DynamoDB streams to perform near real-time log analysis. Export the DynamoDB data to Amazon S3 periodically. Run Amazon Athena queries for pattern matching and substring search. Set up S3 Lifecycle policies to delete the log data after 365 days.
  • B. Install Amazon Managed Streaming for Apache Kafka (Amazon MSK) on the on-premises server. Create an MSK cluster to collect the streaming data and analyze the data in real time. Set the data retention period to 365 days to store the logs persistently for pattern matching and substring search.
  • C. Install Amazon Kinesis Agent on the on-premises server to send the logs to Amazon Kinesis Data Firehose. Configure Amazon Managed Service for Apache Flink (previously known as Amazon Kinesis Data Analytics) as the destination for real-time processing. Store the logs in Amazon OpenSearch Service for pattern matching and substring search. Configure an OpenSearch Service Index State Management (ISM) policy to delete the data after 365 days.
  • D. Use Amazon API Gateway and AWS Lambda to write the logs from the on-premises server to Amazon DynamoDB. Configure a Lambda trigger on DynamoDB streams to perform near real-time log analysis. Run Amazon Athena federated queries on DynamoDB data for pattern matching and substring search. Set up TTL to delete data after 365 days.
Suggested Answer: C

Comments

aescudero51
5 months, 4 weeks ago
Selected Answer: C
My answer is C.
  • Pre-built tools: Leverages pre-built tools like Kinesis Agent for data collection and Firehose for delivery. Flink provides real-time processing capabilities without needing to build custom logic.
  • Managed Services: Utilizes managed services like OpenSearch Service which eliminates the need for manual provisioning and maintenance of an Elasticsearch cluster.
  • Automated Lifecycle Management: OpenSearch Service ISM policy automates data deletion after 365 days, reducing manual intervention.
upvoted 3 times
Certified101
6 months, 2 weeks ago
Selected Answer: C
The correct answer is: C. Install Amazon Kinesis Agent on the on-premises server to send the logs to Amazon Kinesis Data Firehose. Configure Amazon Managed Service for Apache Flink (previously known as Amazon Kinesis Data Analytics) as the destination for real-time processing. Store the logs in Amazon OpenSearch Service for pattern matching and substring search. Configure an OpenSearch Service Index State Management (ISM) policy to delete the data after 365 days. This solution meets all the requirements with the least development overhead. Amazon Kinesis Agent can be used to collect and send logs to Amazon Kinesis Data Firehose, which can handle real-time streaming data. Amazon Managed Service for Apache Flink can be used for real-time processing. The logs can be stored in Amazon OpenSearch Service (formerly known as Amazon Elasticsearch Service), which provides powerful search capabilities. An ISM policy can be configured to automatically delete data after 365 days. The other options either involve more development overhead or do not meet all the requirements.
upvoted 3 times
Nash101
6 months, 2 weeks ago
C
  • A. DynamoDB with Lambda: This option requires building and managing Lambda functions for both real-time analysis and triggering Athena queries. Additionally, DynamoDB might not be the optimal choice for long-term log storage due to its cost structure.
  • B. Amazon MSK: While MSK can handle streaming data, it requires more configuration and potentially custom code for real-time analysis compared to a managed service like AMSK.
  • D. API Gateway and Lambda: This option requires significant development effort to build and manage API Gateway endpoints and Lambda functions for log ingestion and analysis. Additionally, using DynamoDB with federated Athena queries might be less performant for complex log search needs compared to OpenSearch Service.
upvoted 1 times
Zek
6 months, 3 weeks ago
I think the answer is C. B is wrong because Amazon Managed Streaming for Apache Kafka (Amazon MSK) is not a service that is installed on-premises; it is a managed service on AWS.
upvoted 3 times
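
The 365-day retention step in option C, written out as an OpenSearch Index State Management policy. This is an added example, not part of the original question or any comment; the index pattern `device-logs-*`, the state names and the priority value are assumptions, and the policy body would be submitted with `PUT _plugins/_ism/policies/<policy_id>`.

```json
{
  "policy": {
    "description": "Constructed example: delete on-premises device log indices 365 days after creation",
    "default_state": "retain",
    "states": [
      {
        "name": "retain",
        "actions": [],
        "transitions": [
          {
            "state_name": "delete",
            "conditions": { "min_index_age": "365d" }
          }
        ]
      },
      {
        "name": "delete",
        "actions": [
          { "delete": {} }
        ],
        "transitions": []
      }
    ],
    "ism_template": [
      {
        "index_patterns": ["device-logs-*"],
        "priority": 100
      }
    ]
  }
}
```

`min_index_age` is measured from index creation, so the policy only gives a rolling 365-day window when the logs are written to time-based indices (for example, one index per day); a single index that keeps growing would be deleted whole, recent logs included, once it turns 365 days old.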