AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Given a scenario where you need to normalize and parse logs from various AWS services to correlate events and identify potential security threats, which approach would you take? Consider the log formats from CloudTrail, VPC Flow Logs, and ELB access logs.
Given a scenario where you need to normalize and parse logs from various AWS services to correlate events and identify potential security threats, which approach would you take? Consider the log formats from CloudTrail, VPC Flow Logs, and ELB access logs.
Simulated
A
Use AWS Glue to create a data catalog and ETL jobs for normalization and parsing, then store the results in Amazon S3 for correlation.
33.3%
B
Use Amazon Elasticsearch with Logstash for real-time parsing and normalization, then use Kibana for correlation and visualization.
Comments
Loading comments...