{"id":182,"date":"2021-01-04T08:11:08","date_gmt":"2021-01-04T08:11:08","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question175\/"},"modified":"2021-01-04T08:11:08","modified_gmt":"2021-01-04T08:11:08","slug":"aws-certified-security-specialty-scs-c01-question175","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question175\/","title":{"rendered":"AWS Certified Security – Specialty SCS-C01 – Question175"},"content":{"rendered":"
A company\u2019s Information Security team wants to analyze Amazon EC2 performance and utilization data in near-real time for anomalies. A Security Engineer is responsible for log aggregation. The Engineer must collect logs from all of the company\u2019s AWS accounts in a centralized location to perform the analysis.
\nHow should the Security Engineer do this?

A.<\/strong> Log in to each account four times a day and filter the AWS CloudTrail log data, then copy and paste the logs in to the Amazon S3 bucket in the destination account.
B.<\/strong> Set up Amazon CloudWatch to stream data to an Amazon S3 bucket in each source account. Set up bucket replication for each source account into a centralized bucket owned by the Security Engineer.
C.<\/strong> Set up an AWS Config aggregator to collect AWS configuration data from multiple sources.
D.<\/strong> Set up Amazon CloudWatch cross-account log data sharing with subscriptions in each account. Send the logs to Amazon Kinesis Data Firehose in the Security Engineer\u2019s account.<\/div>\n

<\/p>\n