ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 460 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 460
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A company's security team requests that network traffic be captured in VPC Flow Logs. The logs will be frequently accessed for 90 days and then accessed intermittently.
What should a solutions architect do to meet these requirements when configuring the logs?

  • A. Use Amazon CloudWatch as the target. Set the CloudWatch log group with an expiration of 90 days.
  • B. Use Amazon Kinesis as the target. Configure the Kinesis stream to always retain the logs for 90 days.
  • C. Use AWS CloudTrail as the target. Configure CloudTrail to save to an Amazon S3 bucket, and enable S3 Intelligent-Tiering.
  • D. Use Amazon S3 as the target. Enable an S3 Lifecycle policy to transition the logs to S3 Standard-Infrequent Access (S3 Standard-IA) after 90 days.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Hizumi at Aug. 20, 2021, 12:17 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Hizumi
Highly Voted 3 years, 7 months ago
Answer (D) makes sense, since we are directing to have the logs stored in S3 and then have them moved to IA, since they are intermittently accessed after 90 days.
upvoted 24 times
chael88
2 years, 10 months ago
No the question says it will be DELETED after 90 days so no need to keep it in S3.
upvoted 6 times
zammusaz304
2 years, 8 months ago
where does it says deleted after 90 days?
upvoted 5 times
...
...
...
patriktre
Highly Voted 3 years, 6 months ago
D is correct. only A and D can be targets for Flow Logs, but D meets storage requirement: https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html
upvoted 12 times
...
FlyingHawk
Most Recent 5 months, 1 week ago
Selected Answer: D
A (CloudWatch Logs): CloudWatch is significantly more expensive for log storage compared to S3, especially for large datasets. The logs will still be accessed intermittently after 90 days.
upvoted 1 times
...
MatAlves
7 months, 4 weeks ago
Selected Answer: D
It seems the question has been changed from "deleted" to "accessed intermittently". That explains why most votes lately are for "D"
upvoted 1 times
...
BECAUSE
1 year, 11 months ago
Selected Answer: D
D is the answer
upvoted 1 times
...
SkyZeroZx
1 year, 12 months ago
Selected Answer: D
Answer : D
upvoted 1 times
...
ironbat
2 years ago
Selected Answer: D
D instead of A because we still need to access to the log after 90 days
upvoted 1 times
...
rude7
2 years, 8 months ago
Selected Answer: D
Answer : D VPC flow logs targets are typically set to Cloudwatch or S3. https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html For those saying A, please refer to the below link. Though it is true that by default Cloudwatch stores data indefinitely, once a log group and associated retention period are defined then the logs are automatically deleted after the retention period expires. The scenario states that the logs will need to be accessed intermittently after the 90-day period, hence the only logical choice for storage based on the aforementioned options is S3. https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html
upvoted 2 times
...
Jennie95
2 years, 8 months ago
Selected Answer: D
Check "intermittently" in the dictionairy - it cannot be deleted.
upvoted 1 times
...
kar_123
2 years, 8 months ago
Answer D because it is accessed intermittently which means occasionally No question of deletion Please read carefully
upvoted 1 times
...
max_01
2 years, 8 months ago
Selected Answer: D
intermittently means wont be used that much. It does not mean delete as others have stated.
upvoted 1 times
...
GripZA
2 years, 8 months ago
A - I literally deal with analyzing VPC flow logs on a weekly basis. Best practice suggests Cloudwatch as Target, CW Insights to run queries on the logs and log group expiration (a native CW feature) to delete logs after X days.
upvoted 1 times
balmo
2 years, 7 months ago
Except it doesn't say "deleted" anymore. This question was stating "deleted occasionally" before couple of weeks, then they changed it to "accessed intermittently".
upvoted 1 times
...
...
Root_Access
2 years, 8 months ago
Selected Answer: D
I'll go with D, "Deleted Occasionally" means logs are not supposed to be deleted after exactly 90 days.
upvoted 1 times
...
etheng1970
2 years, 9 months ago
Selected Answer: D
Answer is D.
upvoted 1 times
...
jyrajan69
2 years, 9 months ago
The keyword is 'occassionally', it is just an odd way of saying after 90 days the files are accessed occasionally..so definitely D
upvoted 2 times
...
sdk1990
2 years, 10 months ago
Selected Answer: D
I prefer D
upvoted 1 times
...
naveenagurjara
2 years, 10 months ago
Selected Answer: A
After 90 days Logs Need to be DELETED. Option D does not state this.
upvoted 3 times
jyrajan69
2 years, 9 months ago
Deleted occasionally...or you can accessed ocassionally
upvoted 1 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago