Q16 — AWS ANS-C01 Ch.1
A company hosts an application on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are part of an Amazon EC2 Auto Scaling group. To comply with new security standards, the company must capture all application access data, including server response codes, request paths, latency, and client IP addresses. The company also needs to query the captured data for performance analysis. Which solution will meet these requirements?
- A. Enable VPC flow logs on the ALB subnets. Store the logs to an Amazon S3 bucket. Query the logs in the S3 bucket by using Amazon Athena.
- B. Configure Amazon VPC Traffic Mirroring on all EC2 elastic network interfaces. Deploy a third-party monitoring appliance from AWS Marketplace in a private subnet. Use Amazon Data Firehose to send all mirrored traffic to the monitoring appliance. Query the logs directly from the monitoring appliance.
- C. Configure Amazon CloudWatch detailed monitoring on the EC2 instances. Include all available logs. Use Amazon Data Firehose to send all the collected logs to an Amazon S3 bucket. Query the data directly from the S3 bucket.
- D. Enable access logs on the ALB. Store the logs in an Amazon S3 bucket. Query the logs in the S3 bucket by using Amazon Athena. ✓
Correct Answer: D. Enable access logs on the ALB. Store the logs in an Amazon S3 bucket. Query the logs in the S3 bucket by using Amazon Athena.
Explanation
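Application Load Balancer (ALB) access logs record HTTP-layer request data directly, including core fields such as client IP, request path, response status code, and latency, which fully covers the requirements in the question. VPC flow logs record only network-layer traffic metadata and cannot capture application-layer status codes. CloudWatch instance monitoring focuses on system metrics rather than request-level logs. The Traffic Mirroring option is highly complex and requires third-party tools. Storing the ALB logs in S3 and querying them with Athena's serverless SQL is the simplest solution and matches the requirements completely.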