Q: 6
A company must capture AWS CloudTrail data events and must retain the logs for 7 years. The logs
must be immutable and must be available to be searched by complex queries. The company also
needs to visualize the data from the logs.
Which solution will meet these requirements MOST cost-effectively?
Options
Discussion
Option A seems right, but I'm not completely sure. CloudTrail Lake keeps logs immutable and supports long retention, plus it lets you run queries and has built-in dashboards. Does anyone know if there's a catch with cost or limits here?
C or D? If you need 7-year retention plus complex queries and dashboards, both could fit if you set S3 Object Lock for C or use cold storage in D. S3 with EMR seems pretty flexible to me but not totally sure!
I’d say A, matches with what I've seen in the official guide and practice tests-CloudTrail Lake ticks all the boxes for retention, immutability, and queries. Still not 100% since complex workloads could change things.
C/D? Technically both let you query and visualize logs, but only A (CloudTrail Lake) guarantees immutability with 7-year retention without external tooling or extra cost for overlays like EMR or OpenSearch. Pretty sure A is right unless there's a hidden scale issue, agree?
Nah, not C-A is better. CloudTrail Lake handles data events, long-term storage, and immutability without needing to spin up EMR or pay for extra QuickSight sessions. The question asks for complex queries and visualization too, which Lake now supports natively. Pretty sure A is what AWS wants here, unless I missed something.
Its A. D is tempting if you want OpenSearch features, but maintaining CloudWatch and OpenSearch is pricey over time. CloudTrail Lake was made for this use case, so I think it's the best fit here.
C or D here. S3 with EMR (C) sounds appealing since S3 Object Lock does provide immutability, and EMR can handle complex queries. But you have to keep the EMR cluster up, which racks up costs over 7 years, and QuickSight adds more spend too. D looks good for searching with OpenSearch, but I'm not sure if CloudWatch Logs plus OpenSearch is as cheap long-term. Anyone think C makes more sense for cost control if querying isn't constant?
Probably A for this, since CloudTrail Lake covers immutability, 7-year retention, complex queries, and built-in visualization without needing extra AWS services. Pretty cost-effective compared to stitching other tools together. Open to debate if I missed something though.
Its A here, since CloudTrail Lake gives you immutable log storage, 7+ year retention, plus you get built-in query and dashboard features all in one spot. Pretty sure this is the most cost-effective for everything listed.
Be respectful. No spam.
