A company became aware that one of its access keys was exposed on a code sharing website 11 days ago. A Security Engineer must review all use of the exposed keys to determine the extent of the exposure. The company enabled AWS CloudTrail in all regions when it opened the account. Which of the following will allow the Security Engineer to complete the task?
A) Filter the event history on the exposed access key in the CloudTrail console. Examine the data from the past 11 days.
B) Use the AWS CLI to generate an IAM credential report. Extract all the data from the past 11 days.
C) Use Amazon Athena to query the CloudTrail logs from Amazon S3. Retrieve the rows for the exposed access key for the past 11 days.
D) Use the Access Advisor tab in the IAM console to view all of the access key activity for the past 11 days.
Correct Answer:
Verified
Q88: A Security Administrator is restricting the capabilities
Q89: A company's Developers plan to migrate their
Q90: A Security Engineer manages AWS Organizations for
Q91: A company has decided to migrate sensitive
Q92: A Development team has built an experimental
Q94: An Amazon EC2 instance is denied access
Q95: A Security Engineer signed in to the
Q96: Auditors for a health care company have
Q97: A company has several workloads running on
Q98: A company has a customer master key
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents