AmazonAmazon
SCS-C02 · Question #78
SCS-C02 Question #78: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #78. The question stem and answer options stay visible for context.
Submitted by fatima_kr· Mar 6, 2026
Question
A company hosts business-critical applications on Amazon EC2 instances in a VPC. The VPC uses default DHCP options sets. A security engineer needs to log all DNS queries that internal resources make in the VPC. The security engineer also must create a list of the most common DNS queries over time. Which solution will meet these requirements?
Options
- AInstall the Amazon CloudWatch agent on each EC2 instance in the VPC. Use the CloudWatch
- BInstall a BIND DNS server in the VPC. Create a bash script to list the DNS request number of
- CCreate VPC flow logs for all subnets in the VPStream the flow logs to an Amazon CloudWatch
- DConfigure Amazon Route 53 Resolver query logging. Add an Amazon CloudWatch Logs log
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.