AWS Certified Solutions Architect – Associate (SAA-C03) — Question 667

A company is using an Application Load Balancer (ALB) to present its application to the internet. The company finds abnormal traffic access patterns across the application. A solutions architect needs to improve visibility into the infrastructure to help the company understand these abnormalities better.

What is the MOST operationally efficient solution that meets these requirements?

Answer options

• A. Create a table in Amazon Athena for AWS CloudTrail logs. Create a query for the relevant information.
• B. Enable ALB access logging to Amazon S3. Create a table in Amazon Athena, and query the logs.
• C. Enable ALB access logging to Amazon S3. Open each file in a text editor, and search each line for the relevant information.
• D. Use Amazon EMR on a dedicated Amazon EC2 instance to directly query the ALB to acquire traffic access log information.

Correct answer: B

Explanation

Enabling ALB access logging to Amazon S3 and using Amazon Athena to query the logs is the most operationally efficient, serverless solution for analyzing detailed HTTP request traffic. AWS CloudTrail logs track API activity rather than individual HTTP requests to the application, making them ineffective for this scenario. Manually searching files in a text editor is highly inefficient, while deploying Amazon EMR adds unnecessary operational overhead and cost.