SCS-C03 · Question #137
SCS-C03 Question #137: Real Exam Question with Answer & Explanation
The correct answer is C: Send AWS WAF logs to Amazon S3. Create an Amazon Athena table with partition projection.. AWS WAF supports logging of detailed HTTP request information, including source IP addresses, request URIs, headers, and rule evaluation results. According to the AWS Certified Security - Specialty documentation, Amazon S3 combined with Amazon Athena is the recommended and most c
Question
A company begins to use AWS WAF after experiencing an increase in traffic to the company's public web applications. A security engineer needs to determine if the increase in traffic is because of application-layer attacks. The security engineer needs a solution to analyze AWS WAF traffic. Which solution will meet this requirement?
Options
- ASend AWS WAF logs to AWS CloudTrail and analyze them with OpenSearch.
- BSend AWS WAF logs to Amazon S3 and query them directly with OpenSearch.
- CSend AWS WAF logs to Amazon S3. Create an Amazon Athena table with partition projection.
- DSend AWS WAF logs to AWS CloudTrail and analyze them with Amazon Athena.
Explanation
AWS WAF supports logging of detailed HTTP request information, including source IP addresses, request URIs, headers, and rule evaluation results. According to the AWS Certified Security - Specialty documentation, Amazon S3 combined with Amazon Athena is the recommended and most cost-effective solution for ad hoc and forensic analysis of AWS WAF logs. By configuring AWS WAF to deliver logs to Amazon S3 and using Athena with partition projection, the security engineer can efficiently query large volumes of log data without maintaining partitions manually. This enables rapid identification of application-layer attacks such as SQL injection, cross-site scripting, and bot activity.
Community Discussion
No community discussion yet for this question.