Topic 1 Question 230
3 つ選択A company uses AWS Organizations to manage its AWS accounts. The company wants its monitoring system to receive an alert when a root user logs in. The company also needs a dashboard to display any log activity that the root user generates.
Which combination of steps will meet these requirements?
Enable AWS Config with a multi-account aggregator. Configure log forwarding to Amazon CloudWatch Logs.
Create an Amazon QuickSight dashboard that uses an Amazon CloudWatch Logs query.
Create an Amazon CloudWatch Logs metric filter to match root user login events. Configure a CloudWatch alarm and an Amazon Simple Notification Service (Amazon SNS) topic to send alerts to the company's monitoring system.
Create an Amazon CloudWatch Logs subscription filter to match root user login events. Configure the filter to forward events to an Amazon Simple Notification Service (Amazon SNS) topic. Configure the SNS topic to send alerts to the company's monitoring system.
Create an AWS CloudTrail organization trail. Configure the organization trail to send events to Amazon CloudWatch Logs.
Create an Amazon CloudWatch dashboard that uses a CloudWatch Logs Insights query.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: CEF
Correct answer.
👍 5KaranNishad2024/06/27 - 正解だと思う選択肢: CEF
E first, then C, and the last is F
E ensures that all events, including root user login events, are captured across all accounts in the organization. By sending these events to CloudWatch Logs, you centralize the logging data, making it accessible for further processing. C creating a metric filter in CloudWatch Logs to detect specific patterns in the log data, such as root user login events. F creating a CloudWatch dashboard that utilizes CloudWatch Logs Insights to query and visualize the log data. This dashboard can be used to display detailed information about root user login activity and other relevant log events.
👍 3trungtd2024/07/13 - 正解だと思う選択肢: CEF
E- AWS CloudTrail will log all activities, including root user logins, across all accounts in the organisation. Sending these logs to CloudWatch Logs enables further processing and analysis.
C- Creating a metric filter to detect root user login events will allow you to trigger a CloudWatch alarm. The alarm can then send notifications via SNS to the company's monitoring system, ensuring real-time alerts for root user logins.
F- Using CloudWatch Logs Insights, you can create queries to extract and visualise log data related to root user activity. This data can be displayed on a CloudWatch dashboard, providing a centralised view of root user actions.
👍 3TEC12024/07/13
シャッフルモード