AWS Certified Database – Specialty — Question 262

A company has an Amazon Redshift cluster with database audit logging enabled. A security audit shows that raw SQL statements that run against the Redshift cluster are being logged to an Amazon S3 bucket. The security team requires that authentication logs are generated for use in an intrusion detection system (IDS), but the security team does not require SQL queries.

What should a database specialist do to remediate this issue?

Answer options

• A. Set the use_fips_ssl parameter to true in the database parameter group.
• B. Turn off the query monitoring rule in the Redshift cluster's workload management (WLM).
• C. Set the enable_user_activity_logging parameter to false in the database parameter group.
• D. Disable audit logging on the Redshift cluster.

Correct answer: C

Explanation

Setting the enable_user_activity_logging parameter to false will stop the logging of user activity, including SQL queries, which resolves the issue of unnecessary logging. The other options do not address the requirement to stop logging SQL queries specifically; for instance, turning off query monitoring rules or disabling audit logging entirely may not align with the security team's needs.