A company is migrating its legacy workloads to AWS. The current security information events management (SIEM) system that analyzes logs is aging, and different SIEM systems are being evaluated to replace it. The company wants to change SIEMs without re-architecture the solution. What should the Security Engineer do to accomplish this with minimal operational impact?
A) Prepare an AMI with the SIEM log forwarder agent for each workload, and configure it to send logs to a centralized SIEM located in the Security team AWS account. Configure an Amazon EC2 instance base AMI to forward logs to its local log forwarder agent. Deploy an AMI in each workload.
B) Configure an Amazon EC2 base AMI with an Amazon Kinesis Agent, and configure it to send to Amazon Kinesis Data Streams in the Security team AWS account. Add an AWS Lambda function at Kinesis Data Streams to push streamed logs to the SIEM.
C) Configure an Amazon EC2 base AMI to send logs to a local AWS CloudTrail log file. Configure CloudTrail to send logs to Amazon CloudWatch. Set up a central SIEM in the Security team AWS account and configure a puller to get information on CloudWatch.
D) Select a pay-per-use SIEM in the AWS Marketplace. Deploy the AMI in each workload to provide elasticity when required. Use Amazon Athena to send real-time alerts.
Correct Answer:
Verified
Q79: A company's security policy requires that VPC
Q80: An AWS Lambda function was misused to
Q81: A company is developing a highly resilient
Q82: A recent security audit found that AWS
Q83: A company is operating an open-source software
Q85: For compliance reasons, a Security Engineer must
Q86: A company has an encrypted Amazon S3
Q87: An Application team has requested a new
Q88: A Security Administrator is restricting the capabilities
Q89: A company's Developers plan to migrate their
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents