Q16 — AWS ANS-C01 Ch.1

Question 16 of 100 | ← Chapter 1

A company hosts an application on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are part of an Amazon EC2 Auto Scaling group. To comply with new security standards, the company must capture all application access data, including server response codes, request paths, Latency, and client IP addresses. The company also needs to query the captured data for performance analysis. Which solution will meet these requirements?

Correct Answer: D. Enable access logs on the ALB. Store the logs in an Amazon S3 bucket. Query the logs in the S3 bucket by using Amazon Athena.

Explanation

应用负载均衡器(ALB)访问日志直接记录HTTP层请求数据,包含客户端IP、请求路径、响应状态码、延迟等核心字段,完全覆盖题干需求。VPC流日志仅记录网络层流量元数据,无法获取应用层状态码;CloudWatch实例监控侧重系统指标而非请求级日志;流量镜像方案复杂度高且需第三方工具。ALB日志存储至S3后通过Athena的无服务器SQL查询,是最简洁且完全匹配需求的方案。