AWS Certified Security – Specialty — Question 459
A company runs an application on Amazon EC2 instances that run on Amazon Linux 2. The application outputs important information to a custom log file. To support troubleshooting and incident response, new events in the log files must be available to the company's operations staff within 30 minutes. The operations staff needs a solution to retrieve the latest custom log information without using interactive sessions to connect to the instances.
Which solutions will meet these requirements? (Choose two.)
Answer options
- A. Create a script on the EC2 instances to copy the log file contents to an Amazon S3 bucket. Add the script to an hourly cron schedule. Instruct the operations staff to retrieve the information from the S3 bucket directly.
- B. Configure the Amazon CloudWatch agent configuration file to include the application log file details in the logs section. Instruct the operations staff to retrieve the information from the correct log group in Amazon CloudWatch Logs.
- C. Configure the EC2 instances to use AWS Systems Manager. Configure appropriate permissions. Instruct the operations staff to examine the log file by invoking AWS Systems Manager Run Command.
- D. Configure the EC2 instances to use AWS Systems Manager. Configure appropriate permissions. Instruct the operations staff to examine the log file by using AWS Systems Manager Session Manager.
- E. Create a script on the EC2 instances to copy the log file contents to an Amazon S3 bucket. Add the script to an hourly cron schedule. Instruct the operations staff to retrieve the information by running Amazon Athena queries against the S3 data.
Correct answer: B, C
Explanation
Option B is correct because the Amazon CloudWatch agent can continuously stream the log file to CloudWatch Logs, which meets the 30-minute availability requirement without requiring interactive sessions. Option C is correct because AWS Systems Manager Run Command lets administrators execute non-interactive commands (such as viewing a log file) on EC2 instances on demand. Options A and E fail the 30-minute requirement because of the hourly cron schedule: a new event can wait up to an hour before it is copied to the S3 bucket. Option D is incorrect because Session Manager establishes an interactive shell session, which violates the constraint against interactive sessions.