exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 775 discussion

A company is running an application distributed over several Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer. The security team requires that all application access attempts be made available for analysis. Information about the client IP address, connection type, and user agent must be included.
Which solution will meet these requirements?

  • A. Enable EC2 detailed monitoring, and include network logs. Send all logs through Amazon Kinesis Data Firehose to an Amazon Elasticsearch Service (Amazon ES) cluster that the security team uses for analysis.
  • B. Enable VPC Flow Logs for all EC2 instance network interfaces. Publish VPC Flow Logs to an Amazon S3 bucket. Have the security team use Amazon Athena to query and analyze the logs.
  • C. Enable access logs for the Application Load Balancer, and publish the logs to an Amazon S3 bucket. Have the security team use Amazon Athena to query and analyze the logs.
  • D. Enable Traffic Mirroring and specify all EC2 instance network interfaces as the source. Send all traffic information through Amazon Kinesis Data Firehose to an Amazon Elasticsearch Service (Amazon ES) cluster that the security team uses for analysis.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
denccc
Highly Voted 3 years, 1 month ago
Would go for C
upvoted 8 times
denccc
3 years, 1 month ago
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html
upvoted 5 times
...
...
vid001
Most Recent 2 years ago
C. Enable access logs for the Application Load Balancer, and publish the logs to an Amazon S3 bucket. Have the security team use Amazon Athena to query and analyze the logs.
upvoted 1 times
...
nm4u
2 years, 5 months ago
Only and Only C.
upvoted 1 times
...
Anhdd
2 years, 6 months ago
Selected Answer: C
Clearly C
upvoted 1 times
...
Netaji
2 years, 8 months ago
Selected Answer: C
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html
upvoted 1 times
...
jj22222
2 years, 10 months ago
Selected Answer: C
CCCCCCCCCCCCCC
upvoted 1 times
...
seyik
2 years, 10 months ago
D https://docs.aws.amazon.com/vpc/latest/mirroring/what-is-traffic-mirroring.html ES is used for analyzing the steamed logs not Athena
upvoted 1 times
seyik
2 years, 10 months ago
Please ignore this post
upvoted 1 times
...
...
cldy
2 years, 12 months ago
C. Enable access logs for the Application Load Balancer, and publish the logs to an Amazon S3 bucket. Have the security team use Amazon Athena to query and analyze the logs.
upvoted 1 times
...
AzureDP900
2 years, 12 months ago
I will go with C
upvoted 1 times
...
andylogan
3 years, 1 month ago
It's C
upvoted 2 times
...
tgv
3 years, 1 month ago
CCC ---
upvoted 4 times
lifehacker0777
2 years, 10 months ago
i have a set of new sap c01 questions, how can i send. Thanks
upvoted 6 times
...
...
pkboy78
3 years, 2 months ago
It is C
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...