AWS ELB Access Logs: Fetching and Encryption Format | Exam SOA-C02

How to Fetch and Share AWS ELB Access Logs | Exam SOA-C02

Question

An Airlines company is using ELB as a front-end for all web servers deployed in AWS.

For audit purposes, the security team is looking for the access logs from ELB.

You have been assigned to fetch these logs.

You also need to share the encryption format used for storing these logs with the security team. Which is the correct action to share these details?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: A.

Access Logs for ELB captures detailed information about requests sent to ELB.

Access Logs are disabled by default & can be optionally enabled.

Once enabled, Access logs are stored in an Amazon S3 bucket in the same region as that of ELB.

Access Log files are automatically encrypted using SSE-S3 encryption before storing them in the S3 bucket.

Option B is incorrect as ELB Access Logs are stored in the same region Amazon S3 bucket as that of ELB.Option C is incorrect as ELB Access Logs are encrypted using SSE-S3 encryption keys, not using SSE-KMS keys.

Also, ELB Access Logs are stored in the same region Amazon S3 bucket as that of ELB.Option D is incorrect as ELB Access Logs are encrypted using SSE-S3 encryption keys, not using SSE-KMS keys.

For more information on ELB Access Logs, refer to the following URL,

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html

The correct action to fetch access logs from ELB and share the encryption format used for storing these logs with the security team is:

A. Fetch Access Logs stored from Amazon S3 bucket in the same region as that of ELB & encryption format for storing access logs is SSE-S3 encryption.

Explanation:

Amazon Elastic Load Balancer (ELB) is a service provided by AWS that automatically distributes incoming traffic across multiple targets, such as EC2 instances, containers, and IP addresses, in one or more Availability Zones. ELB automatically generates access logs that capture detailed information about requests sent to the load balancer. These access logs can be used for troubleshooting, analyzing traffic patterns, and meeting regulatory or compliance requirements.

To fetch access logs from ELB, the logs need to be stored in an S3 bucket. Amazon S3 is a highly scalable and durable object storage service that can be used to store and retrieve any amount of data from anywhere on the web. By default, access logs are stored in an S3 bucket that is automatically created by ELB in the same region as that of the ELB.

Hence, the correct option is to fetch the access logs stored in an Amazon S3 bucket in the same region as that of the ELB. This will ensure that the logs can be easily accessed and analyzed without incurring any additional data transfer costs.

Moreover, the encryption format used for storing access logs is Server-Side Encryption with S3-Managed Keys (SSE-S3) encryption. This means that all objects stored in the S3 bucket are encrypted at rest using Amazon S3 managed keys. SSE-S3 uses strong encryption algorithms to protect data and is transparent to users, meaning there is no need to manage encryption keys or certificates.

Hence, option A is the correct action to fetch access logs from ELB and share the encryption format used for storing these logs with the security team.