Multiple Choice
A Security Engineer is defining the logging solution for a newly developed product. Systems Administrators and Developers need to have appropriate access to event log files in AWS CloudTrail to support and troubleshoot the product. Which combination of controls should be used to protect against tampering with and unauthorized access to log files? (Choose two.)
A) Ensure that the log file integrity validation mechanism is enabled.
B) Ensure that all log files are written to at least two separate Amazon S3 buckets in the same account.
C) Ensure that Systems Administrators and Developers can edit log files, but prevent any other access.
D) Ensure that Systems Administrators and Developers with job-related need-to-know requirements only are capable of viewing-but not modifying-the log files.
E) Ensure that all log files are stored on Amazon EC2 instances that allow SSH access from the internal corporate network only.
Correct Answer:
Verified
Correct Answer:
Verified
Q41: Authorized Administrators are unable to connect to
Q42: An application outputs logs to a text
Q43: A Security Engineer has discovered that, although
Q44: Which of the following is the most
Q45: A company is configuring three Amazon EC2
Q47: A company plans to move most of
Q48: An organization wants to be alerted when
Q49: A security engineer has noticed an unusually
Q50: A company has a forensic logging use
Q51: A company requires that SSH commands used