Multiple Choice
A company monitors its account activity using AWS CloudTrail, and is concerned that some log files are being tampered with after the logs have been delivered to the account's Amazon S3 bucket. Moving forward, how can the SysOps Administrator confirm that the log files have not been modified after being delivered to the S3 bucket.
A) Stream the CloudTrail logs to Amazon CloudWatch Logs to store logs at a secondary location.
B) Enable log file integrity validation and use digest files to verify the hash value of the log file.
C) Replicate the S3 log bucket across regions, and encrypt log files with S3 managed keys.
D) Enable S3 server access logging to track requests made to the log bucket for security audits.
Correct Answer:
Verified
Correct Answer:
Verified
Q607: A SysOps Administrator responsible for an e-commerce
Q608: A SysOps Administrator launched an Amazon EC2
Q609: An organization is planning to create 5
Q610: A company's application infrastructure was deployed using
Q611: A user is receiving a notification from
Q613: A user is planning to setup infrastructure
Q614: A company needs to have real-time access
Q615: A placement group in Amazon EC2 can<br>A)
Q616: A user is aware that a huge
Q617: A company's Auditor implemented a compliance requirement