Multiple Choice
A SysOps Administrator must secure AWS CloudTrail logs. The Security team is concerned that an employee may modify or attempt to delete CloudTrail log files from its Amazon S3 bucket. Which practices will ensure that the log files are available and unaltered? (Choose two.)
A) Enable the CloudTrail log file integrity check in AWS Config Rules.
B) Use CloudWatch Events to scan log files hourly.
C) Enable CloudTrail log file integrity validation.
D) Turn on Amazon S3 MFA Delete for the CloudTrail bucket.
E) Implement a DENY ALL bucket policy on the CloudTrail bucket.
Correct Answer:
Verified
Correct Answer:
Verified
Q163: A fleet of servers must send local
Q164: A company is planning to expand into
Q165: A user has setup connection draining with
Q166: Fill in the blanks: One of the
Q167: An organization has launched 5 instances: 2
Q169: A user is checking the CloudWatch metrics
Q170: A user has launched five instances and
Q171: Spot instances are ideally designed for which
Q172: A company uses multiple accounts for its
Q173: A user is displaying the CPU utilization,