
Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 160 discussion

A company needs to create a centralized solution to analyze log files. The company uses an organization in AWS Organizations to manage its AWS accounts.

The solution must aggregate and normalize events from the following sources:

• The entire organization in Organizations
• All AWS Marketplace offerings that run in the company’s AWS accounts
• The company's on-premises systems

Which solution will meet these requirements?

  • A. Configure a centralized Amazon S3 bucket for the logs. Enable VPC Flow Logs, AWS CloudTrail, and Amazon Route 53 logs in all accounts. Configure all accounts to use the centralized S3 bucket. Configure AWS Glue crawlers to parse the log files. Use Amazon Athena to query the log data.
  • B. Configure log streams in Amazon CloudWatch Logs for the sources that need monitoring. Create log subscription filters for each log stream. Forward the messages to Amazon OpenSearch Service for analysis.
  • C. Set up a delegated Amazon Security Lake administrator account in Organizations. Enable and configure Security Lake for the organization. Add the accounts that need monitoring. Use Amazon Athena to query the log data.
  • D. Apply an SCP to configure all member accounts and services to deliver log files to a centralized Amazon S3 bucket. Use Amazon OpenSearch Service to query the centralized S3 bucket for log entries.
Suggested Answer: C

Comments

nischal77777
3 months, 2 weeks ago
Selected Answer: C
Amazon Security Lake is designed to automatically collect, normalize, and store security-related data across AWS accounts and on-premises systems. Security Lake can be set up in a delegated administrator account within AWS Organizations, allowing centralized management and configuration across all accounts in the organization. Amazon Athena can be used to query and analyze the log data stored in Security Lake, providing a powerful and flexible way to gain insights from the aggregated logs. Using Amazon Security Lake provides a streamlined and integrated approach to centralized log management across your entire AWS organization and on-premises systems, making it the most effective and efficient solution for your needs.
upvoted 3 times
...
Savinda
3 months, 3 weeks ago
Selected Answer: C
C should be the answer
upvoted 2 times
...
xekiva3329
5 months ago
Selected Answer: C
answer: C
upvoted 3 times
...
cumzle_com
5 months, 1 week ago
Selected Answer: C
Considering the requirements to aggregate and normalize logs from the entire AWS organization, AWS Marketplace offerings, and on-premises systems into a centralized solution for analysis, Amazon Security Lake appears to provide a more comprehensive and automated approach compared to Options A/B.
upvoted 3 times
...
grekh001
5 months, 3 weeks ago
C Amazon Security Lake automatically centralizes security data from AWS environments, SaaS providers, on premises, and cloud sources into a purpose-built data lake stored in your account. With OCSF support, the service normalizes and combines security data from AWS and a broad range of enterprise security data sources. https://aws.amazon.com/security-lake/
upvoted 3 times
...
aescudero51
6 months ago
Selected Answer: B
Answer A: While S3 can store logs centrally, it lacks the log management and analysis features of CloudWatch Logs and OpenSearch Service. Additionally, using Glue crawlers and Athena would be a more complex approach for real-time analysis. Answer C: Security Lake is primarily focused on security data analysis, and it might be overkill for general log analysis from various sources. Answer D: SCP can enforce centralized log storage in S3, but it wouldn't offer the collection, filtering, and advanced analytics capabilities needed. Additionally, querying logs directly from S3 with OpenSearch Service would be inefficient. Therefore, Answer B offers a centralized, flexible, and scalable solution for collecting, filtering, and analyzing logs from the organization, on-premises systems, and AWS Marketplace offerings.
upvoted 2 times
grekh001
5 months, 3 weeks ago
The solution must aggregate and normalize events... Option B does not address normalization. Security Lake does.
upvoted 4 times
...
...