AWS Certified Solutions Architect – Associate (SAA-C03) — Question 852

A company runs workloads in the AWS Cloud. The company wants to centrally collect security data to assess security across the entire company and to improve workload protection.

Which solution will meet these requirements with the LEAST development effort?

Answer options

• A. Configure a data lake in AWS Lake Formation. Use AWS Glue crawlers to ingest the security data into the data lake.
• B. Configure an AWS Lambda function to collect the security data in .csv format. Upload the data to an Amazon S3 bucket.
• C. Configure a data lake in Amazon Security Lake to collect the security data. Upload the data to an Amazon S3 bucket.
• D. Configure an AWS Database Migration Service (AWS DMS) replication instance to load the security data into an Amazon RDS cluster.

Correct answer: C

Explanation

Amazon Security Lake automatically centralizes security data from AWS environments, SaaS providers, and on-premises sources into a purpose-built data lake stored in Amazon S3, requiring minimal development effort. Other options, like using AWS Lake Formation with AWS Glue crawlers, AWS DMS, or custom AWS Lambda functions, demand significantly more development, configuration, and maintenance overhead to achieve the same security-focused data aggregation.