Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Amazon Exam SCS-C02 Topic 1 Question 37 Discussion

Actual exam question for Amazon's SCS-C02 exam
Question #: 37
Topic #: 1
[All SCS-C02 Questions]

A company is running an application on Amazon EC2 instances in an Auto Scaling group. The application stores logs locally. A security engineer noticed that logs were lost after a scale-in event. The security engineer needs to recommend a solution to ensure the durability and availability of log data All logs must be kept for a minimum of 1 year for auditing purposes. What should the security engineer recommend?

Show Suggested Answer Hide Answer
Suggested Answer: C

Option C is the best solution to ensure the durability and availability of log data from EC2 instances in an Auto Scaling group. By using an Amazon CloudWatch agent, the logs can be sent to Amazon CloudWatch Logs, which is a fully managed service that can store, monitor, and analyze log dat

a. CloudWatch Logs also allows you to set retention policies for your log groups, so you can keep the logs for a minimum of 1 year for auditing purposes.CloudWatch Logs also supports encryption, access control, and compliance features to protect your log data12


by Anglea at Nov 13, 2024, 01:52 PM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Rashad
1 days ago
I see the benefits of both options A and B, but I think option D is also important. Having a manual review of security logs before instance termination adds an extra layer of security.
upvoted 0 times
...
Santos
5 days ago
I disagree, I believe option B is more efficient. Using EFS for storing logs and copying them daily provides better durability and availability.
upvoted 0 times
...
Marti
6 days ago
Haha, I bet the security engineer is having a field day trying to figure out the best way to keep those logs safe. Option A sounds like a lot of manual work.
upvoted 0 times
...
Layla
7 days ago
Option D is interesting, but I'm not sure keeping instances alive for an hour just to review logs is the most efficient solution.
upvoted 0 times
...
Pete
8 days ago
I think option A is the best solution. It ensures that logs are stored on a separate EBS volume that can be easily reattached to another instance.
upvoted 0 times
...
Staci
14 days ago
I like the idea of using CloudWatch Logs in option C. It's a managed service, so we don't have to worry about the maintenance.
upvoted 0 times
...
Carmela
18 days ago
Option B seems like the way to go. Storing the logs in EFS ensures they are durable and available even after scale-in events.
upvoted 0 times
Lonna
6 days ago
Option B seems like the way to go. Storing the logs in EFS ensures they are durable and available even after scale-in events.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77