Question 9
Domain 1: Design Secure ArchitecturesSebuah perusahaan menggunakan Amazon RDS MySQL. Security auditor menemukan bahwa beberapa query ke database mengandung pattern mencurigakan yang bisa jadi SQL injection. Mereka butuh solusi untuk **detect dan alert** aktivitas database yang mencurigakan tanpa mengubah aplikasi. Solusi mana yang paling tepat?
Correct answer: B
Explanation
AWS Database Activity Streams is used to “detect and alert” on database activity in near real time without changing the application. It captures database actions for monitoring, which fits finding suspicious SQL injection patterns on an Amazon RDS MySQL instance.
Why each option is right or wrong
A. Aktifkan RDS Enhanced Monitoring
B. Aktifkan AWS Database Activity Streams pada RDS instance
AWS Database Activity Streams on Amazon RDS for MySQL is the service designed to emit near-real-time database activity events for monitoring and alerting, without requiring any application code changes. For RDS MySQL, it can be enabled at the DB instance level and streams activity to consumers such as Amazon Kinesis for detection workflows, which fits an auditor’s need to flag suspicious query patterns indicative of SQL injection.
C. Aktifkan RDS Performance Insights
D. Gunakan AWS WAF di depan RDS