ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
An organization operates workloads in three AWS accounts spread across two Regions. The security team needs a near-real-time, single-pane dashboard that shows GuardDuty findings, VPC Flow Log metrics, and custom application metrics from every account and Region. The team wants to rely only on native AWS services, avoid moving or duplicating data, keep administration effort low, and allow analysts to jump from a dashboard widget to the relevant CloudWatch Logs for deeper investigation. Which solution best meets these requirements?
Provision Amazon Managed Grafana in the security account, install the CloudWatch Agent on every EC2 instance to send metrics, and configure individual Grafana data sources for each account and Region.
Continuously export all metrics and logs from every account to an S3 data lake, catalog the data with AWS Glue, and visualize it in Amazon QuickSight.
Link the three source accounts to a designated security account as a CloudWatch monitoring account, build a cross-account, cross-Region CloudWatch dashboard there, and add metric and custom URL or Logs Insights widgets that open the underlying CloudWatch log groups for drill-down.
Stream GuardDuty findings, VPC Flow Logs, and application logs from each account into a centralized Amazon OpenSearch Service domain and create Kibana dashboards for security monitoring.
Amazon CloudWatch supports cross-account and cross-Region data sharing. Designating a dedicated security (monitoring) account as a CloudWatch monitoring account allows the team to build a single dashboard whose widgets reference GuardDuty metrics, VPC Flow Log metrics, and custom application metrics that remain in their original accounts and Regions-so no data copying is required. To enable log drill-down, the team can add CloudWatch custom widgets (for example, using the syntax or a pre-built CloudWatch Logs Insights widget) that embed console URLs pointing to the relevant log groups or saved Logs Insights queries. This approach relies only on AWS-native services and involves less ongoing infrastructure and latency than exporting to Amazon S3/QuickSight, streaming into Amazon OpenSearch Service, or deploying and managing Amazon Managed Grafana with per-instance agents.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS CloudWatch?
Open an interactive chat with Bash
What are VPC Flow Logs?
Open an interactive chat with Bash
What is the <cwdb-action> syntax in CloudWatch?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Risk Identification, Monitoring and Analysis
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .