Multiple Choice
An organization wants to log all AWS API calls made within all of its AWS accounts, and must have a central place to analyze these logs. What steps should be taken to meet these requirements in the MOST secure manner? (Choose two.)
A) Turn on AWS CloudTrail in each AWS account.
B) Turn on CloudTrail in only the account that will be storing the logs.
C) Update the bucket ACL of the bucket in the account that will be storing the logs so that other accounts can log to it.
D) Create a service-based role for CloudTrail and associate it with CloudTrail in each account.
E) Update the bucket policy of the bucket in the account that will be storing the logs so that other accounts can log to it.
Correct Answer:
Verified
Correct Answer:
Verified
Q82: A threat assessment has identified a risk
Q83: An organization is using Amazon CloudWatch Logs
Q84: The Security Engineer for a mobile game
Q85: A recent security audit found that AWS
Q86: An audit determined that a company's Amazon
Q88: Example.com is hosted on Amazon EC2 instance
Q89: A company website runs on Amazon EC2
Q90: A company's Information Security team wants to
Q91: A company uses AWS CodePipeline for its
Q92: A company is running an application on