Exam SOA-C03 Topic 3 Question 81 Discussion
Actual exam question for Amazon's SOA-C03 exam
Question #: 81
Topic #: 3
Question #: 81
Topic #: 3
A company runs thousands of Amazon EC2 instances that are based on the Amazon Linux 2 Amazon Machine Image (AMI). A SysOps administrator must implement a solution to record commands and output from any user that needs an interactive session on one of the EC2 instances. The solution must log the data to a durable storage location. The solution also must provide automated notifications and alarms that are based on the log data.
Which solution will meet these requirements with the MOST operational efficiency?
Which solution will meet these requirements with the MOST operational efficiency?
Suggested Answer: C Vote an answer
Comprehensive and Detailed Explanation From Exact Extract of AWS CloudOps Documents:
The most operationally efficient solution is C because AWS Systems Manager Session Manager is purpose- built for secure, auditable interactive access to EC2 instances at scale-without managing bastion hosts or distributing SSH keys. Session Manager can be configured to log session activity, including commands and output, to durable destinations such as Amazon CloudWatch Logs (and optionally Amazon S3). This directly satisfies the requirement to record interactive sessions and store logs durably.
For automated notifications and alarms, CloudWatch Logs supports metric filters that transform matching log patterns into CloudWatch metrics. Those metrics can then drive CloudWatch alarms and notifications (for example, via Amazon SNS). This is a standard CloudOps pattern: centralize logs, derive metrics from security-relevant patterns, and alert automatically.
Option A and D require installing and operating agents and building a more complex analytics path (Athena queries for alerting), which is less efficient and introduces more moving parts across thousands of instances.
Option B adds a bastion host dependency that becomes an operational burden (scaling, patching, hardening, HA) and a potential choke point. Session Manager reduces these burdens by using SSM Agent already installed, IAM-based access control, and centralized logging/monitoring integrations.
References:
AWS Systems Manager User Guide - Session Manager and session logging to CloudWatch Logs/S3 Amazon CloudWatch Logs User Guide - Metric filters and alarms from log patterns AWS SysOps Administrator Study Guide - Centralized logging, auditing, and operational monitoring
The most operationally efficient solution is C because AWS Systems Manager Session Manager is purpose- built for secure, auditable interactive access to EC2 instances at scale-without managing bastion hosts or distributing SSH keys. Session Manager can be configured to log session activity, including commands and output, to durable destinations such as Amazon CloudWatch Logs (and optionally Amazon S3). This directly satisfies the requirement to record interactive sessions and store logs durably.
For automated notifications and alarms, CloudWatch Logs supports metric filters that transform matching log patterns into CloudWatch metrics. Those metrics can then drive CloudWatch alarms and notifications (for example, via Amazon SNS). This is a standard CloudOps pattern: centralize logs, derive metrics from security-relevant patterns, and alert automatically.
Option A and D require installing and operating agents and building a more complex analytics path (Athena queries for alerting), which is less efficient and introduces more moving parts across thousands of instances.
Option B adds a bastion host dependency that becomes an operational burden (scaling, patching, hardening, HA) and a potential choke point. Session Manager reduces these burdens by using SSM Agent already installed, IAM-based access control, and centralized logging/monitoring integrations.
References:
AWS Systems Manager User Guide - Session Manager and session logging to CloudWatch Logs/S3 Amazon CloudWatch Logs User Guide - Metric filters and alarms from log patterns AWS SysOps Administrator Study Guide - Centralized logging, auditing, and operational monitoring
by Otis at Jan 25, 2026, 08:34 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).