Amazon Exam SCS-C02 Topic 8 Question 33 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 33
Topic #: 8

A company needs to create a centralized solution to analyze log files. The company uses an organization in AWS Organizations to manage its AWS accounts.

The solution must aggregate and normalize events from the following sources:

* The entire organization in Organizations

* All AWS Marketplace offerings that run in the company's AWS accounts

* The company's on-premises systems

Which solution will meet these requirements?

AConfigure a centralized Amazon S3 bucket for the logs Enable VPC Flow Logs, AWS CloudTrail, and Amazon Route 53 logs in all accounts. Configure all accounts to use the centralized S3 bucket. Configure AWS Glue crawlers to parse the log files Use Amazon Athena to query the log data.

BConfigure log streams in Amazon CloudWatch Logs for the sources that need monitoring. Create log subscription filters for each log stream. Forward the messages to Amazon OpenSearch Service for analysis.

CSet up a delegated Amazon Security Lake administrator account in Organizations. Enable and configure Security Lake for the organization. Add the accounts that need monitoring. Use Amazon Athena to query the log data.

DApply an SCP to configure all member accounts and services to deliver log files to a centralized Amazon S3 bucket. Use Amazon OpenSearch Service to query the centralized S3 bucket for log entries.

Show Suggested Answer

Suggested Answer: C

Amazon Security Lake, when configured with a delegated administrator account in AWS Organizations, provides a centralized solution for aggregating, organizing, and prioritizing security data from multiple sources including AWS services, AWS Marketplace solutions, and on-premises systems. By enabling Security Lake for the organization and adding the necessary AWS accounts, the solution centralizes the collection and analysis of log data. This setup leverages the organization's structure to streamline log aggregation and normalization, making it an efficient solution for the specified requirements. The use of Amazon Athena for querying the log data further enhances the ability to analyze and respond to security findings across the organization.

by Corazon at Sep 15, 2024, 04:24 AM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Colton

1 months ago

I'm not sure, I think option D could also work well by configuring all member accounts to deliver log files to a centralized S3 bucket.

upvoted 0 times

...

2 months ago

This question is a classic case of 'read the question carefully'. The solution needs to aggregate and normalize logs from multiple sources, including the entire AWS Organizations and on-premises systems. Option C seems to be the most comprehensive solution.

upvoted 0 times