AWS Certified Security – Specialty SCS-C01 – Question 186

An application running on Amazon EC2 instances generates log files in a folder on a Linux file system. The instances block access to the console and file transfer utilities, such as Secure Copy Protocol (SCP) and Secure File Transfer Protocol (SFTP). The Application Support team wants to automatically monitor the application log files so the team can set up notifications in the future.
A Security Engineer must design a solution that meets the following requirements:

  • Make the log files available through an AWS managed service.
  • Allow for automatic monitoring of the logs.
  • Provide an interface for analyzing logs.
  • Minimize effort.

Which approach meets these requirements?

A. Modify the application to use the AWS SDK. Write the application logs to an Amazon S3 bucket.
B. Install the unified Amazon CloudWatch agent on the instances. Configure the agent to collect the application log files on the EC2 file system and send them to Amazon CloudWatch Logs.
C. Install AWS Systems Manager Agent on the instances. Configure an automation document to copy the application log files to AWS DeepLens.
D. Install Amazon Kinesis Agent on the instances. Stream the application log files to Amazon Kinesis Data Firehose and set the destination to Amazon Elasticsearch Service.