ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 416 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 416
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A company has an AWS WAF web ACL. According to a new compliance requirement, the company must configure comprehensive logging of all web ACL requests. The company has created an Amazon S3 bucket to store the logs.

Which combination of steps should the company take next to meet this requirement? (Choose two.)

  • A. Enable logging for the web ACL. Associate the web ACL with the Amazon Kinesis data stream.
  • B. Enable logging for the web ACL. Associate the web ACL with the Amazon Kinesis Data Firehose delivery stream.
  • C. Configure log filtering for the web ACL. Associate the web ACL with the Amazon Kinesis Data Firehose delivery stream.
  • D. Create an Amazon Kinesis data stream in any AWS Region. Specify the S3 bucket as the destination for the data stream.
  • E. Create an Amazon Kinesis Data Firehose delivery stream in the same AWS Region as the web ACL. Specify the S3 bucket as the destination for the delivery stream.
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
by AdamWest at Nov. 23, 2022, 2:32 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tryks
Highly Voted 2 years, 6 months ago
B & E > To send logs to Amazon Kinesis Data Firehose, you send logs from your web ACL to an Amazon Kinesis Data Firehose with a configured storage destination. After you enable logging, AWS WAF delivers logs to your storage destination through the HTTPS endpoint of Kinesis Data Firehose. https://docs.aws.amazon.com/waf/latest/developerguide/logging-kinesis.html
upvoted 9 times
...
[Removed]
Most Recent 1 year, 8 months ago
It appears the answer is not on this list? WAF can be configured to send logs directly to an S3 Bucket https://docs.aws.amazon.com/waf/latest/developerguide/logging-s3.html
upvoted 2 times
...
AzureDP900
2 years, 3 months ago
B,E is correct
upvoted 1 times
...
nnope
2 years, 4 months ago
Why do we need Kinesis when S3 is directly supported? https://docs.aws.amazon.com/waf/latest/developerguide/logging.html
upvoted 1 times
secdaddy
2 years, 4 months ago
Because web ACL to S3 direct isn't in the answer list ?
upvoted 4 times
...
...
Teknoklutz
2 years, 5 months ago
Selected Answer: BE
Should be B and E
upvoted 2 times
...
AdamWest
2 years, 6 months ago
Selected Answer: BE
BE - AWS WAF logging goes to kinesis data firehose and from there you define the kinesis data firehose delivery stream which points to an S3 object name.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel