Multiple Choice
An organization has tens of applications deployed on thousands of Amazon EC2 instances. During testing, the Application team needs information to let them know whether the network access control lists (network ACLs) and security groups are working as expected. How can the Application team's requirements be met?
A) Turn on VPC Flow Logs, send the logs to Amazon S3, and use Amazon Athena to query the logs.
B) Install an Amazon Inspector agent on each EC2 instance, send the logs to Amazon S3, and use Amazon EMR to query the logs.
C) Create an AWS Config rule for each network ACL and security group configuration, send the logs to Amazon S3, and use Amazon Athena to query the logs.
D) Turn on AWS CloudTrail, send the trails to Amazon S3, and use AWS Lambda to query the trails.
Correct Answer:
Verified
Correct Answer:
Verified
Q186: In response to the past DDoS attack
Q187: A developer reported that AWS CloudTrail was
Q188: A Security Engineer for a large company
Q189: A company uses multiple AWS accounts managed
Q190: A company recently performed an annual security
Q192: A security engineer has noticed that VPC
Q193: A company's director of information security wants
Q194: A company's development team is designing an
Q195: After multiple compromises of its Amazon EC2
Q196: A company uses user data scripts that