Topic 1 Question 273
A company needs to log object-level activity in its Amazon S3 buckets. The company also needs to validate the integrity of the log file by using a digital signature.
Which solution will meet these requirements?
Create an AWS CloudTrail trail with log file validation enabled. Enable data events. Specify Amazon S3 as the data event type.
Create a new S3 bucket for S3 server access logs. Configure the existing S3 buckets to send their S3 server access logs to the new S3 bucket.
Create an Amazon CloudWatch Logs log group. Configure the existing S3 buckets to send their S3 server access logs to the log group.
Create a new S3 bucket for S3 server access logs with log file validation enabled. Enable data events. Specify Amazon S3 as the data event type.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: A
Only CloudTrail provides the digital signature validation feature.
👍 2HappyG2024/11/30 - 正解だと思う選択肢: A
Object-Level Logging: By enabling data events in AWS CloudTrail and specifying Amazon S3 as the data event type, you can log object-level activities such as GET, PUT, DELETE, and other operations on your S3 objects.
Log File Validation: AWS CloudTrail provides the option to enable log file integrity validation. When this feature is enabled, CloudTrail creates a hash for each log file and delivers it alongside the log file. This ensures that you can verify the integrity and authenticity of your log files, confirming they haven't been tampered with.
👍 2IPLogic2024/12/06 - 正解だと思う選択肢: D
answer is D
👍 1jdx0002024/11/27
シャッフルモード