A SysOps Administrator must secure AWS CloudTrail logs. The Security team is concerned that an employee may modify or attempt to delete CloudTrail log files from its Amazon S3 bucket. Which practices will ensure that the log files are available and unaltered? (Choose two.)
A) Enable the CloudTrail log file integrity check in AWS Config Rules.
B) Use CloudWatch Events to scan log files hourly.
C) Enable CloudTrail log file integrity validation.
D) Turn on Amazon S3 MFA Delete for the CloudTrail bucket.
E) Implement a DENY ALL bucket policy on the CloudTrail bucket.
Correct Answer:
Verified
Q665: A web application runs on Amazon EC2
Q666: A SysOps Administrator has been notified that
Q667: A company hosts its website on Amazon
Q668: A SysOps Administrator manages a website running
Q669: A SysOps Administrator is managing an AWS
Q671: A SysOps Administrator noticed that the cache
Q672: A company has created an online retail
Q673: An application running on Amazon EC2 instances
Q674: An organization stores sensitive customer in S3
Q675: A SysOps Administrator is deploying a legacy
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents