Topic 1 Question 318
2 つ選択A company recently migrated its entire IT environment to the AWS Cloud. The company discovers that users are provisioning oversized Amazon EC2 instances and modifying security group rules without using the appropriate change control process. A solutions architect must devise a strategy to track and audit these inventory and configuration changes.
Which actions should the solutions architect take to meet these requirements?
Enable AWS CloudTrail and use it for auditing.
Use data lifecycle policies for the Amazon EC2 instances.
Enable AWS Trusted Advisor and reference the security dashboard.
Enable AWS Config and create rules for auditing and compliance purposes.
Restore previous resource configurations with an AWS CloudFormation template.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: AD
A. Enable AWS CloudTrail and use it for auditing. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS Command Line Interface (CLI), and AWS SDKs and APIs. By enabling CloudTrail, the company can track user activity and changes to AWS resources, and monitor compliance with internal policies and external regulations.
D. Enable AWS Config and create rules for auditing and compliance purposes. AWS Config provides a detailed inventory of the AWS resources in your account, and continuously records changes to the configurations of those resources. By creating rules in AWS Config, the company can automate the evaluation of resource configurations against desired state, and receive alerts when configurations drift from compliance.
Options B, C, and E are not directly relevant to the requirement of tracking and auditing inventory and configuration changes.
👍 5LuckyAro2023/02/21 CloudTrail and Config
👍 2Neha9992023/02/18AGREE WITH ANSWER - A & D CloudTrail and Config
👍 1jennyka762023/02/19
シャッフルモード