Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 330 discussion

A company detects unusual login attempts in many of its AWS accounts. A DevOps engineer must implement a solution that sends a notification to the company's security team when multiple failed login attempts occur. The DevOps engineer has already created an Amazon Simple Notification Service (Amazon SNS) topic and has subscribed the security team to the SNS topic.

Which solution will provide the notification with the LEAST operational effort?

  • A. Configure AWS CloudTrail to send management events to an Amazon CloudWatch Logs log group. Create a CloudWatch Logs metric filter to match failed ConsoleLogin events. Create a CloudWatch alarm that is based on the metric filter. Configure an alarm action to send messages to the SNS topic.
  • B. Configure AWS CloudTrail to send management events to an Amazon S3 bucket. Create an Amazon Athena query that returns a failure if the query finds failed logins in the logs in the S3 bucket. Create an Amazon EventBridge rule to periodically run the query. Create a second EventBridge rule to detect when the query fails and to send a message to the SNS topic.
  • C. Configure AWS CloudTrail to send data events to an Amazon CloudWatch Logs log group. Create a CloudWatch Logs metric filter to match failed ConsoleLogin events. Create a CloudWatch alarm that is based on the metric filter. Configure an alarm action to send messages to the SNS topic.
  • D. Configure AWS CloudTrail to send data events to an Amazon S3 bucket. Configure an Amazon S3 event notification for the s3:ObjectCreated event type. Filter the event type by ConsoleLogin failed events. Configure the event notification to forward to the SNS topic.
Suggested Answer: A

Comments

eugene2owl
Highly Voted 4 months, 3 weeks ago
Selected Answer: A
"A" is indeed the most elegant and obvious solution. "B" might work but seems way more overcomplicated.
upvoted 6 times
teo2157
Highly Voted 4 months, 2 weeks ago
Selected Answer: A
A, as you can choose to send CloudTrail events to CloudWatch log groups.
upvoted 5 times
Srikantha
Most Recent 4 weeks, 1 day ago
Selected Answer: A
This solution leverages AWS CloudTrail for logging, CloudWatch Logs for capturing the log data, and CloudWatch Alarms for monitoring the failed login attempts, with SNS used for notifications. It provides the least operational effort for the following reasons:

  • AWS CloudTrail captures management events, including failed login attempts (ConsoleLogin failures). These events are sent to Amazon CloudWatch Logs, which is a straightforward way to centralize the log data for analysis.
  • A CloudWatch Logs metric filter is created to match the ConsoleLogin failure events. This metric filter scans the CloudWatch logs for specific failed login attempts.
  • CloudWatch Alarm is created based on the metric filter to trigger when there are multiple failed login attempts. The alarm is configured to send a message to the SNS topic, notifying the security team.

This solution automates the detection of failed login attempts and provides a simple, efficient way to send notifications with minimal ongoing management.
upvoted 2 times
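
An offline model of option A's metric filter and alarm, added here as an example and not part of the original discussion: it applies the equivalent of the filter pattern AWS documents for console sign-in failures to constructed CloudTrail records, then flags periods that reach a threshold. The 5-minute period, the threshold of 3, the helper names and the sample events are assumptions.

```python
import json
from collections import Counter
from datetime import datetime, timezone

# CloudWatch Logs filter pattern for failed console sign-ins;
# matches() below mirrors it so the logic can be checked offline.
FILTER_PATTERN = '{ ($.eventName = ConsoleLogin) && ($.errorMessage = "Failed authentication") }'
PERIOD_SECONDS = 300  # assumed alarm period
THRESHOLD = 3         # assumed: alarm when Sum >= 3 within one period
TIME_FORMAT = "%Y-%m-%dT%H:%M:%SZ"

def make_event(time, name, error=None):
    """Build one constructed CloudTrail record as a JSON log line."""
    record = {"eventTime": time, "eventName": name}
    if error:
        record["errorMessage"] = error
    return json.dumps(record)

# Constructed sample input, not real log data.
SAMPLE_LOG_LINES = [
    make_event("2024-05-01T10:01:12Z", "ConsoleLogin", "Failed authentication"),
    make_event("2024-05-01T10:02:40Z", "ConsoleLogin", "Failed authentication"),
    make_event("2024-05-01T10:03:05Z", "ConsoleLogin"),  # successful sign-in
    make_event("2024-05-01T10:04:30Z", "ConsoleLogin", "Failed authentication"),
    make_event("2024-05-01T10:04:50Z", "CreateUser", "User is not authorized"),
    make_event("2024-05-01T10:12:00Z", "ConsoleLogin", "Failed authentication"),
]

def matches(record):
    """Same two conditions as FILTER_PATTERN."""
    return (record.get("eventName") == "ConsoleLogin"
            and record.get("errorMessage") == "Failed authentication")

def failures_per_period(lines):
    """Count matching events per period, keyed by period start (epoch seconds)."""
    counts = Counter()
    for line in lines:
        record = json.loads(line)
        if not matches(record):
            continue
        ts = datetime.strptime(record["eventTime"], TIME_FORMAT)
        epoch = int(ts.replace(tzinfo=timezone.utc).timestamp())
        counts[epoch // PERIOD_SECONDS * PERIOD_SECONDS] += 1
    return counts

def alarming_periods(lines, threshold=THRESHOLD):
    """Return the start times of periods whose failure count reaches the threshold."""
    counts = failures_per_period(lines)
    return [datetime.fromtimestamp(start, timezone.utc).strftime(TIME_FORMAT)
            for start in sorted(counts) if counts[start] >= threshold]
```

A single failed sign-in in a later period does not trip the alarm, which is how the threshold expresses "multiple failed login attempts".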
On9son
5 months ago
Selected Answer: B
CloudTrail publishes logs to S3. And management events contain login information: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-events.html#cloudtrail-management-events
upvoted 1 times
Community vote distribution: A (35%), C (25%), B (20%), Other