Topic 1 Question 77
A company runs an application that hosts critical data for several clients. The company uses AWS CloudTrail to track user activities on various AWS resources. To meet new security requirements, the company needs to protect the CloudTrail log files from being modified, deleted, or forged. Which solution will meet these requirement?
Enable CloudTrail log file integrity validation.
Use Amazon S3 MFA Delete on the S3 bucket where the CloudTrail log files are stored.
Use Amazon S3 Versioning to keep all versions of the CloudTrail log files.
Use AWS Key Management Service (AWS KMS) security keys to secure the CloudTrail log files.
ユーザの投票
コメント(15)
- 正解だと思う選択肢: A
A. Enable CloudTrail log file integrity validation.
👍 4Rick3652022/08/30 - 正解だと思う選択肢: A
The answer is A! Enable CloudTrail log file integrity
Validated log files are especially valuable in security and forensic investigations. For example, a validated log file enables you to assert positively that the log file itself has not changed, or that particular user credentials performed specific API activity. The CloudTrail log file integrity validation process also lets you know if a log file has been deleted or changed, or assert positively that no log files were delivered to your account during a given period of time. CloudTrail log file integrity validation uses industry standard algorithms: SHA-256 for hashing and SHA-256 with RSA for digital signing. This makes it computationally unfeasible to modify, delete or forge CloudTrail log files without detection.
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/best-practices-security.html
👍 4princajen2022/09/01 - 正解だと思う選択肢: A
AWS example exam has a very similar question - see link and the answer was to enable log file integrity https://d1.awsstatic.com/training-and-certification/docs-sysops-associate/AWS-Certified-SysOps-Administrator-Associate_Sample-Questions.pdf
👍 3Gianiluca2022/09/25
シャッフルモード