ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 441 - SCS-C01 discussion

Report
Export

A recent security audit found that AWS CloudTrail logs are insufficiently protected from tampering and unauthorized access Which actions must the Security Engineer take to address these audit findings? (Select THREE )

A.
Ensure CloudTrail log file validation is turned on
Answers
A.
Ensure CloudTrail log file validation is turned on
B.
Configure an S3 lifecycle rule to periodically archive CloudTrail logs into Glacier for long-term storage
Answers
B.
Configure an S3 lifecycle rule to periodically archive CloudTrail logs into Glacier for long-term storage
C.
Use an S3 bucket with tight access controls that exists m a separate account
Answers
C.
Use an S3 bucket with tight access controls that exists m a separate account
D.
Use Amazon Inspector to monitor the file integrity of CloudTrail log files.
Answers
D.
Use Amazon Inspector to monitor the file integrity of CloudTrail log files.
E.
Request a certificate through ACM and use a generated certificate private key to encrypt CloudTrail log files
Answers
E.
Request a certificate through ACM and use a generated certificate private key to encrypt CloudTrail log files
F.
Encrypt the CloudTrail log files with server-side encryption with AWS KMS-managed keys (SSEKMS)
Answers
F.
Encrypt the CloudTrail log files with server-side encryption with AWS KMS-managed keys (SSEKMS)
Suggested answer: A, D, E
asked 16/09/2024
Cyrom Meryll Santos
36 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first