DOP-C02 · Question #340
DOP-C02 Question #340: Real Exam Question with Answer & Explanation
The correct answer is C: Configure the Redshift cluster database audit logging to include user activity logs. Configure. Explanation Options C and D work together as a complete solution: Option C enables Redshift's built-in database audit logging with user activity logs, which captures user logins, disconnections, and SQL queries executed against the cluster, and directs those logs to CloudWatch Lo
Question
A company uses Amazon Redshift as its data warehouse solution. The company wants to create a dashboard to view changes to the Redshift users and the queries the users perform. Which combination of steps will meet this requirement? (Choose two.)
Options
- ACreate an Amazon CloudWatch log group. Create an AWS CloudTrail trail that writes to the
- BCreate a new Amazon S3 bucket. Configure default audit logging on the Redshift cluster.
- CConfigure the Redshift cluster database audit logging to include user activity logs. Configure
- DCreate an Amazon CloudWatch dashboard that has a log widget. Configure the widget to display
- ECreate an AWS Lambda function that uses Amazon Athena to query the Redshift logs. Create an
Explanation
Explanation
Options C and D work together as a complete solution: Option C enables Redshift's built-in database audit logging with user activity logs, which captures user logins, disconnections, and SQL queries executed against the cluster, and directs those logs to CloudWatch Logs. Option D then leverages a CloudWatch dashboard with a log widget to visualize and monitor those captured logs, completing the end-to-end requirement of viewing user changes and query activity.
Why the distractors are wrong:
- Option A (CloudTrail trail) captures AWS API-level management events (e.g., cluster creation, modifications), but not the SQL queries users run inside the database - it addresses the wrong layer.
- Option B (S3 audit logging) enables audit logs but sends them to S3, not CloudWatch, making real-time dashboard visualization unnecessarily complex and incomplete without additional steps.
- Option E (Lambda + Athena) introduces unnecessary architectural complexity; Athena querying logs via Lambda is a valid analytics pattern but is over-engineered when CloudWatch dashboards natively support log visualization.
Memory Tip 🧠
Think "C feeds D" - Capture logs with Redshift audit logging → Display them on a CloudWatch dashboard. When a question asks about monitoring inside the database (users/queries), always look for database-level audit logging first, not CloudTrail (which is for AWS API calls).
Topics
Community Discussion
No community discussion yet for this question.