Multiple Choice
A company's AWS CloudTrail logs are all centrally stored in an Amazon S3 bucket. The security team controls the company's AWS account. The security team must prevent unauthorized access and tampering of the CloudTrail logs. Which combination of steps should the security team take? (Choose three.)
A) Configure server-side encryption with AWS KMS managed encryption keys (SSE-KMS)
B) Compress log file with secure gzip.
C) Create an Amazon EventBridge (Amazon CloudWatch Events) rule to notify the security team of any modifications on CloudTrail log files.
D) Implement least privilege access to the S3 bucket by configuring a bucket policy.
E) Configure CloudTrail log file integrity validation.
F) Configure Access Analyzer for S3.
Correct Answer:
Verified
Correct Answer:
Verified
Q115: An organizational must establish the ability to
Q116: Which of the following minimizes the potential
Q117: A user is implementing a third-party web
Q118: A security engineer is defining the controls
Q119: A Security Engineer is looking for a
Q121: A company has an IAM group. All
Q122: A Security Engineer signed in to the
Q123: A security engineer is designing an incident
Q124: An organization is moving non-business-critical applications to
Q125: A company is hosting multiple applications within