AWS Certified SysOps Administrator – Associate (legacy) — Question 785

Which of the following is an incorrect statement about Amazon CloudWatch?

Answer options

• A. You can use CloudWatch to collect and track metrics, which are the variables you want to measure for your resources and applications.
• B. You can set CloudWatch alarms to send notifications or automatically make changes to the resources you are monitoring, based on rules that you define.
• C. You can control and monitor all Security Groups and their related rules.
• D. You gain system-wide visibility into resource utilization, application performance, and operation-al health.

Correct answer: C

Explanation

Amazon CloudWatch is a monitoring and observability service, but it does not directly manage or monitor Security Groups and their firewall rules, which are handled by Amazon VPC and AWS Config. CloudWatch is instead used for gathering metrics, setting threshold-based alarms, and gaining system-wide visibility into application performance and resource utilization.