Topic 1 Question 318
3 つ選択A company runs a fleet of Amazon EC2 instances in a VPC. The company's employees remotely access the EC2 instances by using the Remote Desktop Protocol (RDP).
The company wants to collect metrics about how many RDP sessions the employees initiate every day.
Which combination of steps will meet this requirement?
Create an Amazon EventBridge rule that reacts to EC2 Instance State-change Notification events.
Create an Amazon CloudWatch Logs log group. Specify the log group as a target for the EventBridge rule.
Create a flow log in VPC Flow Logs.
Create an Amazon CloudWatch Logs log group. Specify the log group as a destination for the flow log.
Create a log group metric filter.
Create a log group subscription filter. Use EventBridge as the destination.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: CDE
I see CDE, no need for EventBridge
👍 3luisfsm_1112024/12/11 - 正解だと思う選択肢: CDE
C. Create a flow log in VPC Flow Logs. • Why? VPC Flow Logs capture information about the traffic to and from network interfaces in your VPC. This is crucial for identifying and analyzing RDP sessions, which use TCP port 3389 by default.
D. Create an Amazon CloudWatch Logs log group. Specify the log group as a destination for the flow log. • Why? The captured VPC Flow Logs must be stored in a destination to enable analysis. Specifying a CloudWatch Logs log group allows for centralized storage and querying of logs.
E. Create a log group metric filter. • Why? A metric filter enables you to extract specific metrics from the flow logs. You can filter for traffic using port 3389 (RDP) and create a metric to count the sessions.
👍 3Ky_242024/12/15 - 正解だと思う選択肢: CDE
You can use a subscription filter with Amazon Kinesis Data Streams, AWS Lambda, or Amazon Data Firehos https://docs.aws.amazon.com/ja_jp/AmazonCloudWatch/latest/logs/SubscriptionFilters.html
👍 2nqg541182024/11/28
シャッフルモード