AWS Certified Data Engineer Associate DEA-C01 Practice Question
A security team needs to audit API activity across 50 AWS accounts that belong to a single AWS Organization. They must aggregate all CloudTrail management events in near-real time, keep the logs immutable for 365 days, and let analysts run ad-hoc SQL queries without exporting the data to another service. Which solution requires the LEAST ongoing operational effort?
In each member account, stream CloudTrail events to CloudWatch Logs and subscribe the log groups to an Amazon OpenSearch Service domain for search and analysis.
Configure an organization CloudTrail trail that delivers logs to an S3 bucket protected with S3 Object Lock, catalog the logs with AWS Glue, and query them using Amazon Athena.
Create an organization event data store in AWS CloudTrail Lake from the delegated administrator account, set one-year extendable retention, and grant analysts permission to run Lake SQL queries.
Enable Amazon Security Lake across the organization to collect CloudTrail management events and query the Parquet files in the Security Lake S3 buckets with Athena.
An organization event data store in AWS CloudTrail Lake automatically ingests management events from every account when created by the management or delegated administrator account. Event data stores are immutable collections, and the one-year extendable retention option meets the 365-day requirement without additional storage configuration. CloudTrail Lake provides a built-in SQL interface, so analysts can query the data directly-no Object Lock configuration, Glue cataloging, or streaming pipelines are needed. The S3/Object Lock and Security Lake options satisfy immutability but add Glue/Athena setup and data-movement overhead. Streaming logs to CloudWatch Logs and OpenSearch requires per-account trail configuration, subscription filters, and OpenSearch management, increasing operational burden and not guaranteeing immutability.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS CloudTrail Lake?
Open an interactive chat with Bash
What does 'immutable' mean in the context of CloudTrail Lake?
Open an interactive chat with Bash
How does CloudTrail Lake reduce operational effort compared to other solutions?
Open an interactive chat with Bash
What is CloudTrail Lake, and how does it differ from a standard CloudTrail trail?
Open an interactive chat with Bash
What does it mean for event data to be immutable, and why is it important in this solution?
Open an interactive chat with Bash
How does the SQL interface in CloudTrail Lake simplify the querying process for analysts?
Open an interactive chat with Bash
AWS Certified Data Engineer Associate DEA-C01
Data Security and Governance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .