ExpertMedium1 markMultiple Choice
AWS SAP-C02 · Question 65 · Domain 1.4: Multi-Account Environment
A company is designing a multi-account AWS environment. They want to ensure that all VPC Flow Logs, AWS CloudTrail logs, and Amazon Route 53 DNS query logs are stored in a centralized S3 bucket in a dedicated Log Archive account. Which AWS service provides a managed solution to set up this baseline architecture?
A company is designing a multi-account AWS environment. They want to ensure that all VPC Flow Logs, AWS CloudTrail logs, and Amazon Route 53 DNS query logs are stored in a centralized S3 bucket in a dedicated Log Archive account. Which AWS service provides a managed solution to set up this baseline architecture?
Answer options:
A.
AWS Systems Manager
B.
AWS Control Tower
C.
AWS Security Hub
D.
AWS CloudFormation StackSets
How to approach this question
Identify the managed service for multi-account baselines.
Full Answer
B.AWS Control Tower✓ Correct
AWS Control Tower
AWS Control Tower provides the easiest way to set up and govern a secure, multi-account AWS environment (Landing Zone). It automatically creates a Log Archive account and configures centralized logging.
Common mistakes
Choosing StackSets, which requires building the solution from scratch.
Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 2
75 questions · hints · full answers · grading
More questions from this exam
Q01A company is setting up a multi-account AWS environment using AWS Organizations. They need to ens...EasyQ02An enterprise needs to connect its on-premises data center to AWS. They require a dedicated, priv...EasyQ03A company wants to share a single AWS Transit Gateway across multiple AWS accounts within their A...EasyQ04An architect needs to design a highly available database architecture that spans multiple AWS Reg...EasyQ05A global financial institution is migrating its core banking application to AWS. The application ...Medium