
Answer-first summary for fast verification
Answer: Use Amazon Athena to run a SQL query on the logs stored in the Amazon S3 bucket and join the results with other data sources, such as AWS CloudTrail logs or Amazon VPC Flow Logs, to gain a more comprehensive view of the security event.
Option C is the most comprehensive approach to querying logs in Amazon S3 for contextual information related to a security event. By running a SQL query on the logs and joining the results with other data sources, such as AWS CloudTrail logs or Amazon VPC Flow Logs, you can gain a more complete understanding of the security event and identify any potential threats. This approach allows for a more in-depth analysis and can help uncover hidden patterns or connections that may not be apparent when analyzing the logs in isolation.
Author: LeetQuiz Editorial Team
You are tasked with querying logs stored in Amazon S3 to gather contextual information related to a security event. Describe the steps you would take to query the logs using Amazon Athena and analyze the results to identify any potential security threats.
A. Use Amazon Athena to run a SQL query on the logs stored in the Amazon S3 bucket to identify any entries with suspicious activity or unauthorized access attempts.
B. Use Amazon Athena to run a SQL query on the logs stored in the Amazon S3 bucket and filter the results based on specific time frames or IP addresses to narrow down potential security threats.
C. Use Amazon Athena to run a SQL query on the logs stored in the Amazon S3 bucket and join the results with other data sources, such as AWS CloudTrail logs or Amazon VPC Flow Logs, to gain a more comprehensive view of the security event.
D. Use Amazon Athena to run a SQL query on the logs stored in the Amazon S3 bucket and visualize the results using a third-party data visualization tool to identify patterns or trends related to the security event.