Multiple Choice
A company has hundreds of AWS accounts, and a centralized Amazon S3 bucket used to collect AWS CloudTrail logs for all of these accounts. A Security Engineer wants to create a solution that will enable the company to run ad hoc queries against its CloudTrail logs dating back 3 years from when the trails were first enabled in the company's AWS account. How should the company accomplish this with the least amount of administrative overhead?
A) Run an Amazon EMR cluster that uses a MapReduce job to examine the CloudTrail trails.
B) Use the events history feature of the CloudTrail console to query the CloudTrail trails.
C) Write an AWS Lambda function to query the CloudTrail trails. Configure the Lambda function to be executed whenever a new file is created in the CloudTrail S3 bucket.
D) Create an Amazon Athena table that looks at the S3 bucket the CloudTrail trails are being written to. Use Athena to run queries against the trails.
Correct Answer:
Verified
Correct Answer:
Verified
Q1: A Security Engineer launches two Amazon EC2
Q2: A Systems Engineer is troubleshooting the connectivity
Q3: The Security Engineer is managing a web
Q4: A Security Administrator is configuring an Amazon
Q6: A developer is building a serverless application
Q7: A Security Engineer received an AWS Abuse
Q8: A company wants to deploy a distributed
Q9: The Security team believes that a former
Q10: A Security Administrator has a website hosted
Q11: A company's security engineer has been asked