Which approach will...
 
Notifications
Clear all

Which approach will meet these requirements?

1 Posts
1 Users
0 Likes
42 Views
Chi
 Chi
(@jamiesonchi)
Noble Member
Joined: 7 months ago
Posts: 387
Topic starter  

The Security team for a finance company was notified of an internal security breach that happened 3 weeks ago. A Database Specialist must start producing audit logs out of the production Amazon Aurora PostgreSQL cluster for the Security team to use for monitoring and alerting. The Security team is required to perform real-time alerting and monitoring outside the Aurora DB cluster and wants to have the cluster push encrypted files to the chosen solution.

Which approach will meet these requirements?

  • A . Use pg_audit to generate audit logs and send the logs to the Security team.
  • B . Use AWS CloudTrail to audit the DB cluster and the Security team will get data from Amazon S3.
  • C . Set up database activity streams and connect the data stream from Amazon Kinesis to consumer applications.
  • D . Turn on verbose logging and set up a schedule for the logs to be dumped out for the Security team.

Show Answer Hide Answer

Suggested Answer: C

Explanation:

https://aws.amazon.com/about-aws/whats-new/2019/05/amazon-aurora-with-postgresql-compatibility-supports-database-activity-streams/

"Database Activity Streams for Amazon Aurora with PostgreSQL compatibility provides a near real-time data stream of the database activity in your relational database to help you monitor activity. When integrated with third party database activity monitoring tools, Database Activity Streams can monitor and audit database activity to provide safeguards for your database and help meet compliance and regulatory requirements."

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Overview.LoggingAndMonitoring.html

   
Quote
Share: