List of questions
Related questions
Question 441 - SCS-C01 discussion
A recent security audit found that AWS CloudTrail logs are insufficiently protected from tampering and unauthorized access Which actions must the Security Engineer take to address these audit findings? (Select THREE )
A.
Ensure CloudTrail log file validation is turned on
B.
Configure an S3 lifecycle rule to periodically archive CloudTrail logs into Glacier for long-term storage
C.
Use an S3 bucket with tight access controls that exists m a separate account
D.
Use Amazon Inspector to monitor the file integrity of CloudTrail log files.
E.
Request a certificate through ACM and use a generated certificate private key to encrypt CloudTrail log files
F.
Encrypt the CloudTrail log files with server-side encryption with AWS KMS-managed keys (SSEKMS)
Your answer:
0 comments
Sorted by
Leave a comment first