This domain determines your ability to implement and troubleshoot solutions relating to logging, monitoring, and alerting. You will need to be able to deploy, operate, and troubleshoot solutions relating to these four components within your AWS infrastructure:
- 2.1: Design and implement security monitoring and alerting: You must have full comprehension of the available monitoring and alerting services within AWS. In addition, you must also be aware of how these can be utilized and integrated to implement an effective solution for monitoring your infrastructure for security threats and vulnerabilities.
- 2.2: Troubleshoot security monitoring and alerting: Implementing a monitoring and alerting system is one thing, but being able to resolve issues with the solution and design is another. You must be aware of how the architecture is coupled together and the prerequisites for specific AWS features.
- 2.3: Design and implement a logging solution: Data held in logs generated from services and applications can provide a wealth of information to help you identify a potential security breach. Therefore, it's imperative that you have a sound awareness of how to implement a solution to capture and record log data.
- 2.4: Troubleshoot logging solutions: Similar to 2.2, your knowledge of logging solutions has to go deeper than implementation; you have to understand the key components, concepts, and how components depend on one another to enable you to resolve any incidents.
You must understand the complexities and importance of monitoring and logging and how they can be used together as an effective security tool.