Free AWS DOP-C02 Actual Exam Questions - Question 3 Discussion
dashboard to view changes to the Redshift users and the queries the users perform.
Which combination of steps will meet this requirement? (Select TWO.)
It’s B for sure because Redshift audit logs go to S3 by default. Then I’d pick E because using a Lambda with Athena to query those logs makes sense for building a custom dashboard. D sounds easy but I don’t think CloudWatch gets Redshift logs directly, so the widget wouldn’t have the data. Plus, Lambda gives more flexibility to process and filter the logs before showing them. So B and E seem like the right pair to me.
Option B handles audit logs to S3, and D lets us visualize them easily on CloudWatch.
Maybe B and D. B sets up audit logs in S3, which is standard for Redshift. D uses CloudWatch dashboards to visualize logs, which fits the need to view user changes and queries nicely.
Makes sense to rule out A since CloudTrail won’t capture the detailed query info. B and C fit because B sets up audit logs in S3 and C ensures user activity is logged properly. Kevin N.
Probably B and C since audit logging to S3 plus detailed user activity in logs is key.
Not A, because CloudTrail tracks API calls but won’t capture detailed Redshift user queries. B is a must since audit logs need to go to S3. Then C helps include user activity details directly in Redshift audit logs for better insight.
B/D? B is definitely needed to get the audit logs saved in S3, capturing everything about user activity. Then D fits well because setting up a CloudWatch dashboard with a log widget lets you actually visualize those logs in one place. C could work too, but since you want a dashboard, D’s visual aspect seems more useful. E sounds a bit overcomplicated for just viewing changes and queries, and A looks unrelated to Redshift’s audit logs specifically.
Option B and C feel like the right picks here. B sets up the audit logs in S3, which is a solid step to keep all user activity recorded. Then C makes sure those logs include the specifics about user actions and routes them to CloudWatch, where they can be monitored more easily. The other options either don’t cover both logging and visualization well or add unnecessary complexity like Lambda functions when straightforward logging and dashboards do the job.
E imo. Using a Lambda function with Athena to query the Redshift logs adds more flexibility to create custom visualizations on a CloudWatch dashboard. This option supports deeper analysis beyond just logging.
A doesn’t seem right because CloudTrail mainly logs AWS API calls, not Redshift user queries or detailed user activity inside the database. B and C are good for getting logs but without E's querying and visualization, the dashboard part might be limited. So E plus one that captures audit logs (like B or C) makes the most sense to me.
B/C make the most sense here. Default audit logging sends Redshift logs to S3, which is needed (B). Then configuring database audit logging to include user activity logs and choosing CloudWatch as the target allows viewing logs there (C). A is kinda misleading because CloudTrail doesn’t capture detailed Redshift user query activity, just API calls. D sounds plausible but you need actual logs being sent first, so it makes more sense after setting up C. E feels like overcomplication-Lambda querying logs via Athena then pushing a custom widget seems unnecessary when CloudWatch dashboards can disp