Answer these questions. The answers follow the last question. If you cannot answer these questions correctly, consider reading this section again until you can.
1. You have been put in charge of designing a monitoring platform for an application for a large enterprise. The monitoring system needs to be highly available and should allow for collecting metrics from your custom application running on EC2 with an interval of one second. Which of the following solutions would be the easiest to implement the required monitoring environment?
A. Unfortunately, this is not possible in AWS due to the high availability and metric collection frequency.
B. Use a custom monitoring solution on two or more EC2 instances in two availability zones to make the monitoring system highly available. Configure the custom agent to send the specific application metrics with a one-second interval.
C. Use CloudWatch. Install CloudWatch agents on the EC2 instance that hosts the application. Configure the agents to send the specific application metrics with the default interval.
D. Use CloudWatch. Install CloudWatch agents on the EC2 instance that hosts the application. Configure the agents to send the specific application metrics with a one-second interval.
2. Which of the following services would you recommend to use for security incident alerting?
A. Store the logs to CloudWatch Logs. Use an alert pattern in CloudWatch Alarms and send the alerts via SNS.
B. Store the logs to CloudWatch Logs. Use an alert pattern in CloudWatch Logs Insights to trigger security incident alerts.
C. Store the logs to CloudWatch Logs Insights. Use an alert pattern in CloudWatch Logs Insights to trigger security incident alerts.
D. Store the logs to CloudWatch Logs Insights. Use an alert pattern in CloudWatch Alarms and send the alerts via SNS.
1. Answer: D is correct. CloudWatch is inherently highly available due to its regional scope. The CloudWatch agent needs to be configured to send custom metrics in a one-second interval to comply with the application requirements.
2. Answer: A is correct. CloudWatch Logs stores logs. CloudWatch Alarms can be configured to trigger on a pattern-matching condition (for example, a certain number of failed login attempts in a certain amount of time). CloudWatch Logs Insights can be used later to determine the cause of the issue; however, it cannot be used in the real-time alerting chain.
This section covers the following official AWS Certified SysOps Administrator – Associate (SOA-C02) exam domains:
Domain 1: Monitoring, Logging, and Remediation
Domain 4: Security and Compliance
Acedexam Training Policies
Learning resources
Other resources
Our Training Providers
