Topic 1 Question 252
A company runs its microservices architecture in Kubernetes containers on AWS by using Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Aurora. The company has an organization in AWS Organizations to manage hundreds of AWS accounts that host different microservices.
The company needs to implement a monitoring solution for logs from all AWS resources across all accounts. The solution must include automatic detection of security-related issues.
Which solution will meet these requirements with the LEAST operational effort?
A. Designate an Amazon GuardDuty administrator account in the organization’s management account. Enable GuardDuty for all accounts. Enable EKS Protection and RDS Protection in the GuardDuty administrator account.
B. Designate a monitoring account. Share Amazon CloudWatch logs from all accounts with the monitoring account. Configure Aurora to publish all logs to CloudWatch. Use Amazon Inspector in the monitoring account to evaluate the CloudWatch logs.
C. Create a central Amazon S3 bucket in the organization’s management account. Configure AWS CloudTrail in all AWS accounts to deliver CloudTrail logs to the S3 bucket. Configure Aurora to publish all logs to CloudTrail. Use Amazon Athena to query the CloudTrail logs in the S3 bucket for security issues.
D. Designate a monitoring account. Share Amazon CloudWatch logs from all accounts with the monitoring account. Subscribe an Amazon Kinesis data stream to the CloudWatch logs. Create AWS Lambda functions to process log records in the data stream to detect security issues.
Comments (1)
- Option believed to be correct: A
Centralized Management: Designating a GuardDuty administrator account allows for centralized management and monitoring across all AWS accounts in the organization.
Automated Threat Detection: GuardDuty provides continuous monitoring for malicious or unauthorized behavior to help protect your AWS accounts, workloads, and data.
EKS and RDS Protection: Enabling EKS Protection and RDS Protection ensures that GuardDuty can monitor and detect security issues specific to your Kubernetes clusters and Aurora databases.
Minimal Operational Overhead: Once enabled, GuardDuty operates continuously and automatically, requiring minimal ongoing management.
The other options, while valid, involve more complex setups and manual processes which increase operational overhead:
👍 1 IPLogic 2024/12/05