Which practices ensure that the log files are available and unaltered?

Posted by: Pdfprep Category: SOA-C01 Tags: AWS Certified SysOps Administrator - Associate, SOA-C01 exam questions, SOA-C01 practice exam Post Date: March 5, 2021

A SysOps Administrator must secure AWS CloudTrail logs. The Security team is concerned that an employee may modify or attempt to delete CloudTrail log files from its Amazon S3 bucket.

Which practices ensure that the log files are available and unaltered? (Choose two.)
A . Enable the CloudTrail log file integrity check in AWS Config Rules.
B . Use CloudWatch Events to scan log files hourly.
C . Enable CloudTrail log file integrity validation.
D . Turn on Amazon S3 MFA Delete for the CloudTrail bucket.
E . Implement a DENY ALL bucket policy on the CloudTrail bucket.

Answer: C,D

Which practices ensure that the log files are available and unaltered?

Author

Leave a Reply Cancel reply