SAP-C02 · Question #778
SAP-C02 Question #778: Real Exam Question with Answer & Explanation
The correct answer is B: Use a delegated administrator account to create an AWS CloudTrail Lake data store. Specify. The company needs to centralize and query AWS account activity across multiple accounts in an AWS Organizations setup using SQL.
Question
A company has multiple AWS accounts that are in an organization in AWS Organizations. The company needs to store AWS account activity and query the data from a central location by using SQL. Which solution will meet these requirements?
Options
- ACreate an AWS CloudTraii trail in each account. Specify CloudTrail management events for the
- BUse a delegated administrator account to create an AWS CloudTrail Lake data store. Specify
- CUse a delegated administrator account to create an AWS CloudTral trail. Specify CloudTrail
- DUse AWS CloudFormation StackSets to deploy AWS CloudTrail Lake data stores in each
Explanation
The company needs to centralize and query AWS account activity across multiple accounts in an AWS Organizations setup using SQL.
Common mistakes.
- A. Creating individual CloudTrail trails in each account does not inherently provide a centralized storage solution for querying, requiring additional services to aggregate and enable SQL queries.
- C. This option suggests creating a CloudTrail trail, which stores logs in S3, requiring Amazon Athena or another service for SQL querying, rather than the integrated SQL query capabilities of CloudTrail Lake.
- D. Deploying separate CloudTrail Lake data stores in each account defeats the purpose of centralizing event data for querying from a single location.
Concept tested. Centralized AWS CloudTrail logging, CloudTrail Lake, AWS Organizations delegated administrator
Reference. https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-organizations.html
Community Discussion
No community discussion yet for this question.