
Exam AWS DevOps Engineer Professional topic 1 question 147 discussion

Exam question from Amazon's AWS DevOps Engineer Professional
Question #: 147
Topic #: 1

The security team depends on AWS CloudTrail to detect sensitive security issues in the company's AWS account. The DevOps engineer needs a solution that automatically remediates CloudTrail being turned off in the account.

Which solution ensures the LEAST amount of downtime for CloudTrail log delivery?

  • A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule for the CloudTrail StopLogging event. Create an AWS Lambda function that uses the AWS SDK to call StartLogging on the ARN of the resource in which StopLogging was called. Add the Lambda function ARN as a target to the EventBridge (CloudWatch Events) rule.
  • B. Deploy the AWS-managed CloudTrail-enabled AWS Config rule, set with a periodic interval of 1 hour. Create an Amazon EventBridge (Amazon CloudWatch Events) rule for AWS Config rules compliance change. Create an AWS Lambda function that uses the AWS SDK to call StartLogging on the ARN of the resource in which StopLogging was called. Add the Lambda function ARN as a target to the EventBridge (CloudWatch Events) rule.
  • C. Create an Amazon EventBridge (Amazon CloudWatch Events) rule for a scheduled event every 5 minutes. Create an AWS Lambda function that uses the AWS SDK to call StartLogging on a CloudTrail trail in the AWS account. Add the Lambda function ARN as a target to the EventBridge (CloudWatch Events) rule.
  • D. Launch a t2.nano instance with a script running every 5 minutes that uses the AWS SDK to query CloudTrail in the current account. If the CloudTrail trail is disabled, have the script re-enable the trail.
Suggested Answer: A
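As an added example (not part of the exam question, and not AWS sample code), this is what the Lambda side of option A looks like: the EventBridge rule pattern that fires on CloudTrail's own StopLogging call, a constructed sample of the event EventBridge delivers, and a handler that calls StartLogging on the trail named in that event. The function and constant names, the account id, the trail name and the injectable `client_factory` are assumptions made for illustration; the real API names are `StopLogging`/`StartLogging` and the boto3 `cloudtrail` client.

```python
STOP_LOGGING_EVENT_PATTERN = {  # EventBridge rule pattern: fire on CloudTrail's own StopLogging API call
    "source": ["aws.cloudtrail"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventSource": ["cloudtrail.amazonaws.com"], "eventName": ["StopLogging"]},
}

SAMPLE_STOP_LOGGING_EVENT = {  # constructed sample of what EventBridge hands the Lambda function
    "source": "aws.cloudtrail",
    "detail-type": "AWS API Call via CloudTrail",
    "detail": {
        "eventSource": "cloudtrail.amazonaws.com",
        "eventName": "StopLogging",
        "userIdentity": {"arn": "arn:aws:iam::123456789012:user/example-user"},
        "requestParameters": {"name": "arn:aws:cloudtrail:us-east-1:123456789012:trail/security-trail"},
    },
}


def trail_to_restart(event):
    """Return the trail name/ARN a StopLogging event refers to, or None when there is nothing to fix."""
    detail = event.get("detail") or {}
    if detail.get("eventSource") != "cloudtrail.amazonaws.com" or detail.get("eventName") != "StopLogging":
        return None
    if detail.get("errorCode"):  # the StopLogging call was denied or failed, so logging never stopped
        return None
    return (detail.get("requestParameters") or {}).get("name")


def region_of(trail):
    """Home region taken from a trail ARN (a multi-region trail must be restarted there); None for a bare name."""
    parts = trail.split(":")
    return parts[3] if trail.startswith("arn:") and len(parts) >= 6 else None


def lambda_handler(event, context=None, client_factory=None):
    """Lambda entry point. client_factory(region) is injectable so the event handling runs without AWS."""
    trail = trail_to_restart(event)
    if trail is None:
        return {"remediated": False, "trail": None}
    if client_factory is None:
        import boto3  # imported lazily: needed inside Lambda, not to exercise the event handling locally
        client_factory = lambda region: boto3.client("cloudtrail", region_name=region)
    client = client_factory(region_of(trail))
    client.start_logging(Name=trail)  # requires cloudtrail:StartLogging in the function's execution role
    actor = (event["detail"].get("userIdentity") or {}).get("arn")  # worth alerting on, not just fixing
    return {"remediated": True, "trail": trail, "stopped_by": actor}
```

The rule has to exist in the region where the StopLogging call is made, since that is where EventBridge sees the CloudTrail API event; the handler then takes the trail's home region from its ARN because StartLogging on a multi-region trail is only accepted there. StopLogging is not the only API call that silences a trail, so the same rule usually also lists DeleteTrail and UpdateTrail in eventName, with the handler raising an alert for those rather than blindly restarting.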

Comments

Piccaso
2 years, 2 months ago
Selected Answer: A
Except for A, all have a time interval.
upvoted 3 times
Bulti
2 years, 3 months ago
Answer is A. B, although it is a detective mechanism, not sure why CloudWatch Logs is used to look for Config events. Also a periodic trigger type of 1 hour is not as good as an average delay of 15 minutes in receiving CloudTrail logs into CloudWatch. Also C and D are not detective mechanisms.
upvoted 1 times
Oleg_gol
2 years, 3 months ago
Selected Answer: A
https://www.examtopics.com/discussions/amazon/view/6898-exam-aws-devops-engineer-professional-topic-1-question-65/
upvoted 1 times
romidan
2 years, 3 months ago
B seems correct: https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automatically-re-enable-aws-cloudtrail-by-using-a-custom-remediation-rule-in-aws-config.html
upvoted 1 times
romidan
2 years, 3 months ago
Changing from B to A, as this will ensure the least downtime. B may create about an hour of downtime and that cannot be the correct answer.
upvoted 1 times
Dimidrol
2 years, 3 months ago
Selected Answer: A
A for me
upvoted 4 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other