Topic 1 Question 250
A company’s security team requests that network traffic be captured in VPC Flow Logs. The logs will be frequently accessed for 90 days and then accessed intermittently.
What should a solutions architect do to meet these requirements when configuring the logs?
Use Amazon CloudWatch as the target. Set the CloudWatch log group with an expiration of 90 days
Use Amazon Kinesis as the target. Configure the Kinesis stream to always retain the logs for 90 days.
Use AWS CloudTrail as the target. Configure CloudTrail to save to an Amazon S3 bucket, and enable S3 Intelligent-Tiering.
Use Amazon S3 as the target. Enable an S3 Lifecycle policy to transition the logs to S3 Standard-Infrequent Access (S3 Standard-IA) after 90 days.
ユーザの投票
コメント(11)
- 正解だと思う選択肢: D
D is the correct answer.
👍 4LuckyAro2023/01/20 - 正解だと思う選択肢: D
D. Use Amazon S3 as the target. Enable an S3 Lifecycle policy to transition the logs to S3 Standard-Infrequent Access (S3 Standard-IA) after 90 days.
By using Amazon S3 as the target for the VPC Flow Logs, the logs can be easily stored and accessed by the security team. Enabling an S3 Lifecycle policy to transition the logs to S3 Standard-Infrequent Access (S3 Standard-IA) after 90 days will automatically move the logs to a storage class that is optimized for infrequent access, reducing the storage costs for the company. The security team will still be able to access the logs as needed, even after they have been transitioned to S3 Standard-IA, but the storage cost will be optimized.
👍 3mhmt44382023/01/15 - 正解だと思う選択肢: D
No, D should be is correct. "The logs will be frequently accessed for 90 days and then accessed intermittently." => We still need to store instead of deleting as the answer A.
👍 2Parsons2023/01/14
シャッフルモード