Topic 1 Question 4

AWS Certified SysOps Administrator - Associate

Topic 1 Question 4
A SysOps administrator has enabled AWS CloudTrail in an AWS account. If CloudTrail is disabled, it must be re-enabled immediately. What should the SysOps administrator do to meet these requirements WITHOUT writing custom code?
- Add the AWS account to AWS Organizations. Enable CloudTrail in the management account.
- Create an AWS Config rule that is invoked when CloudTrail configuration changes. Apply the AWS-ConfigureCloudTrailLogging automatic remediation action.
- Create an AWS Config rule that is invoked when CloudTrail configuration changes. Configure the rule to invoke an AWS Lambda function to enable CloudTrail.
- Create an Amazon EventBridge (Amazon CloudWatch Event) hourly rule with a schedule pattern to run an AWS Systems Manager Automation document to enable CloudTrail.
ユーザの投票
コメント(12)
- Answer: B
  
  Source: https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automatically-re-enable-aws-cloudtrail-by-using-a-custom-remediation-rule-in-aws-config.html
  
  👍 4
  Taiful2022/05/25
- 正解だと思う選択肢: B
  I vote B
  
  👍 2
  Mecdrox2022/04/24
- B - "To ensure that CloudTrail remains enabled in your account, AWS Config provides the cloudtrail-enabled managed rule. If CloudTrail is turned off, the cloudtrail-enabled rule automatically re-enables it by using automatic remediation."
  
  https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automatically-re-enable-aws-cloudtrail-by-using-a-custom-remediation-rule-in-aws-config.html
  
  👍 2
  Finger412022/04/27
シャッフルモード

ユーザの投票

コメント(12)