Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam PAS-C01 Topic 7 Question 37 Discussion

Actual exam question for Amazon's PAS-C01 exam
Question #: 37
Topic #: 7
[All PAS-C01 Questions]

A financial services company is implementing SAP core banking on AWS. The company must not allow any system information to traverse the public internet. The company needs to implement secure monitoring of its SAP ERP Central Component (SAP ECO system to check for performance issues and faults in its application. The solution must maximize security and must be supported by SAP and AWS.

How should be company integrate AWS metrics with its SAP system to meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: C

VPC endpoints to ensure that traffic to and from the CloudWatch and EC2 services stays within the VPC. Additionally, an IAM policy is created to grant access to only the necessary actions, such as DescribeInstances and GetMetricStatistics, for all EC2 resources. This approach will provide secure monitoring of the SAP system while maximizing security and ensuring support from both SAP and AWS.

https://docs.aws.amazon.com/sap/latest/general/data-provider-req.html#vpc-endpoints


Contribute your Thoughts:

Julie
4 months ago
Ah, the joys of secure cloud architectures. Option C is definitely the most elegant solution to this problem. Now if only I could get my boss to understand the difference between a VPC and a VPS...
upvoted 0 times
...
Laticia
4 months ago
The AWS Data Provider for SAP sounds like the perfect tool for this job. Option C is the clear winner in my opinion.
upvoted 0 times
Alesia
3 months ago
Yes, the AWS Data Provider for SAP is designed specifically for this purpose. Setting up VPC endpoints for Amazon CloudWatch and EC2 will help maintain a secure connection without exposing system information to the public internet.
upvoted 0 times
...
Winfred
4 months ago
I agree, Option C seems to be the most secure and efficient way to integrate AWS metrics with the SAP system. It's important to maximize security when dealing with sensitive financial data.
upvoted 0 times
...
Graciela
4 months ago
Option C is definitely the best choice. Installing the AWS Data Provider for SAP and creating VPC endpoints for Amazon CloudWatch and EC2 will ensure secure monitoring.
upvoted 0 times
...
...
Maybelle
4 months ago
Haha, I'm not sure I'd want to give the EC2 instances full access to all actions on all resources. That's a bit overkill, don't you think? Option C is the way to go.
upvoted 0 times
Markus
4 months ago
I think we can trust Option C to meet the company's requirements.
upvoted 0 times
...
Madalyn
4 months ago
Definitely, setting up VPC endpoints for Amazon CloudWatch and EC2 is a good way to go.
upvoted 0 times
...
Janessa
4 months ago
Option C seems like a more secure choice.
upvoted 0 times
...
Nobuko
4 months ago
I agree, giving full access to all actions on all resources seems risky.
upvoted 0 times
...
...
Princess
5 months ago
I agree with Eileen. Option C seems to hit all the key requirements - secure monitoring, SAP and AWS support, and no public internet access.
upvoted 0 times
Tommy
3 months ago
Agreed. Option C provides a comprehensive solution that meets all the company's needs.
upvoted 0 times
...
Katlyn
3 months ago
I think so too. It's important to ensure that no system information is exposed to the public internet.
upvoted 0 times
...
Lavera
3 months ago
Option C seems like the best choice. It covers all the necessary security and monitoring requirements.
upvoted 0 times
...
Talia
4 months ago
Agreed, Option C covers all the bases for secure monitoring and compliance with SAP and AWS.
upvoted 0 times
...
Lisha
4 months ago
I think Option C is the way to go for integrating AWS metrics with SAP.
upvoted 0 times
...
Therese
4 months ago
Option C seems to be the best choice for secure monitoring and meeting all the requirements.
upvoted 0 times
...
...
Elmer
5 months ago
I think option D is too risky as it allows all actions for all EC2 resources. I would go with option B for a more secure approach.
upvoted 0 times
...
Charlene
5 months ago
But option C also seems valid, with creating VPC endpoints for Amazon CloudWatch and EC2 and allowing access through those endpoints.
upvoted 0 times
...
Andrew
5 months ago
I disagree, I believe option B is more secure as it involves installing the AWS Data Provider for SAP on the Amazon EC2 instances and creating an IAM policy for specific actions.
upvoted 0 times
...
Eileen
5 months ago
Option C looks good to me. Setting up VPC endpoints to access AWS services without going through the public internet seems like the most secure approach.
upvoted 0 times
Madelyn
5 months ago
I agree, VPC endpoints provide a secure and private connection to AWS services. It's definitely the way to go for this scenario.
upvoted 0 times
...
Alberta
5 months ago
Option C looks good to me. Setting up VPC endpoints to access AWS services without going through the public internet seems like the most secure approach.
upvoted 0 times
...
...
Charlene
5 months ago
I think option A is the best choice because it involves setting up SAP Solution Manager to call Amazon CloudWatch and EC2 endpoints with REST-based calls.
upvoted 0 times
...

Save Cancel