Amazon SCS-C02 Exam - Topic 1 Question 37 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 37
Topic #: 1

A company is running an application on Amazon EC2 instances in an Auto Scaling group. The application stores logs locally. A security engineer noticed that logs were lost after a scale-in event. The security engineer needs to recommend a solution to ensure the durability and availability of log data All logs must be kept for a minimum of 1 year for auditing purposes. What should the security engineer recommend?

AWithin the Auto Scaling lifecycle, add a hook to create and attach an Amazon Elastic Block Store (Amazon EBS) log volume each time an EC2 instance is created. When the instance is terminated, the EBS volume can be reattached to another instance for log review.

BCreate an Amazon Elastic File System (Amazon EFS) file system and add a command in the user data section of the Auto Scaling launch template to mount the EFS file system during EC2 instance creation. Configure a process on the instance to copy the logs once a day from an instance Amazon Elastic Block Store (Amazon EBS) volume to a directory in the EFS file system.

CAdd an Amazon CloudWatch agent into the AMI used in the Auto Scaling group. Configure the CloudWatch agent to send the logs to Amazon CloudWatch Logs for review,

DWithin the Auto Scaling lifecycle, add a lifecycle hook at the terminating state transition and alert the engineering team by using a lifecycle notification to Amazon Simple Notification Service (Amazon SNS). Configure the hook to remain in the Terminating:Wait state for 1 hour to allow manual review of the security logs prior to instance termination.

Show Suggested Answer

Suggested Answer: C

Option C is the best solution to ensure the durability and availability of log data from EC2 instances in an Auto Scaling group. By using an Amazon CloudWatch agent, the logs can be sent to Amazon CloudWatch Logs, which is a fully managed service that can store, monitor, and analyze log dat

a. CloudWatch Logs also allows you to set retention policies for your log groups, so you can keep the logs for a minimum of 1 year for auditing purposes.CloudWatch Logs also supports encryption, access control, and compliance features to protect your log data12

by Anglea at Nov 13, 2024, 01:52 PM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lino

3 months ago

Wait, why not just use S3 for logs? That would be easier, right?

upvoted 0 times

...

Sheron

3 months ago

A could work, but reattaching EBS volumes sounds risky.

upvoted 0 times

...

Jina

3 months ago

Not sure about D, seems like a manual process could lead to delays.

upvoted 0 times

...

Dylan

4 months ago

I think C is the best choice, CloudWatch is super reliable!

upvoted 0 times

...

Louvenia

4 months ago

Option B sounds solid, EFS is great for durability.

upvoted 0 times

...

Jeniffer

4 months ago

The lifecycle hook with SNS sounds interesting, but I wonder if waiting for an hour is practical. I think we discussed something about timely log management in class.

upvoted 0 times

...

Stephania

4 months ago

I’m leaning towards the CloudWatch agent option. It seems like a straightforward way to ensure logs are sent to a durable service, but I’m not completely confident about the configuration details.

upvoted 0 times

...

Erin

4 months ago

I think using Amazon EFS could be a good option since it allows multiple instances to access the logs simultaneously. I saw a similar question about shared storage in our practice exams.

upvoted 0 times

...

Ricarda

5 months ago

I remember studying about EBS volumes, but I'm not sure if attaching them during scale-in is the best way to handle logs.

upvoted 0 times

...

Latrice

5 months ago

I like the simplicity of option C with the CloudWatch agent. Sending the logs directly to CloudWatch could be an easy way to meet the requirements without a lot of custom setup. I'll make sure to read the details carefully.

upvoted 0 times

...

Latricia

5 months ago

Option A with the EBS volume seems like a good way to persist the logs, but I'm not sure how well that would scale as the number of instances grows. I'll need to consider the operational overhead.

upvoted 0 times

...

Pilar

5 months ago

Hmm, I'm a bit confused by the different options here. I'll need to think through the pros and cons of each approach to make sure I understand the tradeoffs before deciding.

upvoted 0 times

...

Latrice

5 months ago

This seems like a straightforward question about ensuring log durability. I think option B with the EFS file system is the best approach to meet the 1-year retention requirement.

upvoted 0 times

...

Rashad

1 year ago

I see the benefits of both options A and B, but I think option D is also important. Having a manual review of security logs before instance termination adds an extra layer of security.

upvoted 0 times

...

Santos

1 year ago

I disagree, I believe option B is more efficient. Using EFS for storing logs and copying them daily provides better durability and availability.

upvoted 0 times

...

Marti

1 year ago

Haha, I bet the security engineer is having a field day trying to figure out the best way to keep those logs safe. Option A sounds like a lot of manual work.

upvoted 0 times

...

Layla

1 year ago

Option D is interesting, but I'm not sure keeping instances alive for an hour just to review logs is the most efficient solution.

upvoted 0 times

Amalia

1 year ago

D: I see the point, but I think option A is more efficient. Creating and attaching EBS volumes during instance creation is a straightforward approach.

upvoted 0 times

...

Carin

1 year ago

C: Option B also seems like a good solution. Using EFS to store logs and copying them daily provides durability and availability.

upvoted 0 times

...

Aleta

1 year ago

B: I agree with option A. It's a simple and effective way to make sure logs are not lost during scale-in events.

upvoted 0 times

...

Tracie

1 year ago

A: I think option A is the best solution. Creating and attaching an EBS volume each time an instance is created ensures log durability.

upvoted 0 times

...

Pete

1 year ago

I think option A is the best solution. It ensures that logs are stored on a separate EBS volume that can be easily reattached to another instance.

upvoted 0 times

...

Staci

1 year ago

I like the idea of using CloudWatch Logs in option C. It's a managed service, so we don't have to worry about the maintenance.

upvoted 0 times

Hannah

1 year ago

A) Within the Auto Scaling lifecycle, add a hook to create and attach an Amazon Elastic Block Store (Amazon EBS) log volume each time an EC2 instance is created. When the instance is terminated, the EBS volume can be reattached to another instance for log review.

upvoted 0 times

...

Barrett

1 year ago

I agree, using CloudWatch Logs would be a reliable solution for storing and reviewing logs.

upvoted 0 times

...

Elinore

1 year ago

C) Add an Amazon CloudWatch agent into the AMI used in the Auto Scaling group. Configure the CloudWatch agent to send the logs to Amazon CloudWatch Logs for review.

upvoted 0 times

...

Carmela

1 year ago

Option B seems like the way to go. Storing the logs in EFS ensures they are durable and available even after scale-in events.

upvoted 0 times

Aretha

1 year ago

I think using EFS with a daily copy process provides more control over the log data and ensures it is retained for auditing purposes.

upvoted 0 times

...

Cheryll

1 year ago

But what about using CloudWatch Logs? Wouldn't that be a simpler solution for log management?

upvoted 0 times

...

Maxima

1 year ago

I agree, using EFS for storing logs is a good solution for ensuring durability and availability.

upvoted 0 times

...

Lonna

1 year ago

Option B seems like the way to go. Storing the logs in EFS ensures they are durable and available even after scale-in events.

upvoted 0 times

...