SCS-C03 · Question #145
SCS-C03 Question #145: Real Exam Question with Answer & Explanation
The correct answer is A: Configure the EC2 instances to send application logs to a single Amazon CloudWatch Logs log. Amazon CloudWatch Logs provides a centralized, scalable service for collecting and storing logs from Amazon EC2 instances, regardless of whether the instances are On-Demand or Spot Instances. According to the AWS Certified Security - Specialty Official Study Guide, CloudWatch Log
Question
A company is developing an application that runs across a combination of Amazon EC2 On- Demand Instances and Spot Instances. A security engineer needs to provide a logging solution that makes logs for all instances available from a single location. The solution must allow only a specific set of users to analyze the logs for event patterns. The users must be able to use SQL queries on the logs to perform root cause analysis. Which solution will meet these requirements?
Options
- AConfigure the EC2 instances to send application logs to a single Amazon CloudWatch Logs log
- BConfigure the EC2 instances to send application logs to a single Amazon S3 bucket. Allow only
- CConfigure each EC2 instance to send its application logs to its own specific Amazon CloudWatch
- DConfigure the EC2 instances to send application logs to a single Amazon CloudWatch Logs log
Explanation
Amazon CloudWatch Logs provides a centralized, scalable service for collecting and storing logs from Amazon EC2 instances, regardless of whether the instances are On-Demand or Spot Instances. According to the AWS Certified Security - Specialty Official Study Guide, CloudWatch Logs is the recommended service for centralized log aggregation and near-real-time analysis of application and system logs. By configuring all EC2 instances to send logs to a single CloudWatch Logs log group, the security engineer ensures that logs from all instances are available in one centralized location. Access to the log group can be restricted by using IAM policies, ensuring that only authorized users can view and analyze the logs. CloudWatch Logs Insights provides a powerful query language with SQL-like syntax, enabling users to search, filter, aggregate, and analyze log data efficiently. This directly satisfies the requirement for SQL-style queries to identify event patterns and perform root cause analysis without requiring data movement or additional services.
Community Discussion
No community discussion yet for this question.