A company's Information Security team wants to analyze Amazon EC2 performance and utilization data in near-real time for anomalies. A Security Engineer is responsible for log aggregation. The Engineer must collect logs from all of the company's AWS accounts in a centralized location to perform the analysis. How should the Security Engineer do this?
A) Log in to each account four times a day and filter the AWS CloudTrail log data, then copy and paste the logs in to the Amazon S3 bucket in the destination account.
B) Set up Amazon CloudWatch to stream data to an Amazon S3 bucket in each source account. Set up bucket replication for each source account into a centralized bucket owned by the Security Engineer.
C) Set up an AWS Config aggregator to collect AWS configuration data from multiple sources.
D) Set up Amazon CloudWatch cross-account log data sharing with subscriptions in each account. Send the logs to Amazon Kinesis Data Firehose in the Security Engineer's account.
Correct Answer:
Verified
Q174: A security engineer is setting up a
Q175: A Security Engineer creates an Amazon S3
Q176: Authorized Administrators are unable to connect to
Q177: A company's Security Engineer is copying all
Q178: A company has multiple AWS accounts that
Q180: A company has hundreds of AWS accounts,
Q181: Which of the following are valid configurations
Q182: A company is setting up products to
Q183: A company's director of information security wants
Q184: An external auditor finds that a company's
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents