Multiple Choice
A SysOps Administrator must secure AWS CloudTrail logs. The Security team is concerned that an employee may modify or attempt to delete CloudTrail log files from its Amazon S3 bucket. Which practices ensure that the log files are available and unaltered? (Choose two.)
A) Enable the CloudTrail log file integrity check in AWS Config Rules.
B) Use CloudWatch Events to scan log files hourly.
C) Enable CloudTrail log file integrity validation.
D) Turn on Amazon S3 MFA Delete for the CloudTrail bucket.
E) Implement a DENY ALL bucket policy on the CloudTrail bucket.
Correct Answer:
Verified
Correct Answer:
Verified
Q599: A streaming company is using AWS resources
Q600: An organization is using cost allocation tags
Q601: A SysOps Administrator is building a process
Q602: A developer deploys an application running on
Q603: A user has launched an RDS postgreSQL
Q605: A SysOps administrator has set up a
Q606: A company has created an online retail
Q607: A SysOps Administrator responsible for an e-commerce
Q608: A SysOps Administrator launched an Amazon EC2
Q609: An organization is planning to create 5