An organization has tens of applications deployed on thousands of Amazon EC2 instances. During testing, the Application team needs information to let them know whether the network access control lists (network ACLs) and security groups are working as expected. How can the Application team's requirements be met?
A) Turn on VPC Flow Logs, send the logs to Amazon S3, and use Amazon Athena to query the logs.
B) Install an Amazon Inspector agent on each EC2 instance, send the logs to Amazon S3, and use Amazon EMR to query the logs.
C) Create an AWS Config rule for each network ACL and security group configuration, send the logs to Amazon S3, and use Amazon Athena to query the logs.
D) Turn on AWS CloudTrail, send the trails to Amazon S3, and use AWS Lambda to query the trails.
Correct Answer:
Verified
Q18: A Security Engineer must enforce the use
Q19: A company requires that IP packet data
Q20: A company has complex connectivity rules governing
Q21: An application outputs logs to a text
Q22: A company has deployed a custom DNS
Q24: A Security Administrator is configuring an Amazon
Q25: A Software Engineer is trying to figure
Q26: Which of the following minimizes the potential
Q27: An organization is moving non-business-critical applications to
Q28: The Security Engineer created a new AWS
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents