
Answer-first summary for fast verification
Answer: Specify Amazon CloudWatch as the destination for the access logs. Use Amazon CloudWatch Logs Insights to design a query to filter the logs by host.
The correct answer is B. Specifying Amazon CloudWatch as the destination for the access logs and using Amazon CloudWatch Logs Insights to design a query to filter the logs by host is the most operationally efficient approach. This option allows you to directly utilize CloudWatch Logs Insights without the need for additional data transfers or configurations, making it simpler and quicker to implement. While other options might also work, they involve more steps and added complexity, reducing overall operational efficiency.
Author: LeetQuiz Editorial Team
A company has identified security issues related to specific hosts and host header combinations that have impacted their business operations. To address these issues, they have implemented AWS WAF web ACLs and now require a log analysis solution to monitor and analyze AWS WAF logs centrally. The solution must enable the filtering of requests by specific hosts. A security engineer has initiated the process of enabling access logging for the AWS WAF web ACLs. What is the next step the security engineer should take to achieve this log analysis with the highest operational efficiency?
A. Specify Amazon Redshift as the destination for the access logs. Deploy the Amazon Athena Redshift connector. Use Athena to query the data from Amazon Redshift and to filter the logs by host.
B. Specify Amazon CloudWatch as the destination for the access logs. Use Amazon CloudWatch Logs Insights to design a query to filter the logs by host.
C. Specify Amazon CloudWatch as the destination for the access logs. Export the CloudWatch logs to an Amazon S3 bucket. Use Amazon Athena to query the logs and to filter the logs by host.
D. Specify Amazon CloudWatch as the destination for the access logs. Use Amazon Redshift Spectrum to query the logs and to filter the logs by host.