An international company has established a new business entity in South Korea. The compan…

Question

An international company has established a new business entity in South Korea. The company also has established a new AWS account to contain the workload for the South Korean region. The company has set up the workload in the new account in the ap-northeast-2 Region. The workload consists of three Auto Scaling groups of Amazon EC2 instances. All workloads that operate in this Region must keep system logs and application logs for 7 years.
A security engineer must implement a solution to ensure that no logging data is lost for each instance during scaling activities. The solution also must keep the logs for only the required period of 7 years.
Which combination of steps should the security engineer take to meet these requirements? (Choose three.)

Accepted Answer

Correct answer: A, B, C. A. Ensure that the Amazon CloudWatch agent is installed on all the EC2 instances that the Auto Scaling groups launch. Generate a CloudWatch agent configuration file to forward the required logs to Amazon CloudWatch Logs. — B. Set the log retention for desired log groups to 7 years. — C. Attach an IAM role to the launch configuration or launch template that the Auto Scaling groups use. Configure the role to provide the necessary permissions to forward logs to Amazon CloudWatch Logs. — Options A, B, and C are correct because they ensure that logs are collected, retained for the required duration, and that the necessary permissions are in place for CloudWatch Logs. Option D is incorrect as it suggests forwarding logs to S3, which does not meet the requirement for real-time log management. Options E and F focus on S3, which does not align with the requirement for immediate log processing and monitoring.

AWS Certified Security – Specialty (SCS-C02) — Question 8

Answer options

Correct answer: A, B, C

Explanation