Exam AWS Certified Cloud Practitioner topic 1 question 748 discussion

B & C AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of AWS account activities. It records account activity and event history in AWS, and delivers this information to customers as log files. Amazon GuardDuty is a threat detection service that continuously monitors AWS accounts for malicious activity and unauthorized behavior, and delivers findings to customers as alerts. It also provides detailed event data that can be used for compliance and auditing purposes.

B and C

B. AWS CloudTrail: AWS CloudTrail records API calls made within an AWS account and provides visibility into account activity by delivering log files containing details about actions taken on resources, helping with auditing, compliance, and governance. C. Amazon GuardDuty: Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior within an AWS account. While it primarily focuses on threat detection, its activity logs and findings contribute to the audit and compliance aspects by providing insights into security-related events. Both AWS CloudTrail and Amazon GuardDuty are vital services for maintaining visibility into account activity, assisting in auditing, compliance, and governance processes within an AWS environment.

The answer is B & C. I initially thought it was A & B but after reading more about AWS CloudWatch, I've found it is not a valid answer for this question. The reason AWS CloudWatch isn't correct is that it reports on health and performance of AWS services and resources, which is unrelated to governance, compliance or auditing. Since the question asks for "account activities," AWS CloudTrail and Amazon GuardDuty would be the correct answers.

A. Amazon CloudWatch B. AWS CloudTrail "CloudWatch Logs also supports querying your logs with a powerful query language, auditing and masking sensitive data in logs, and generating metrics from logs using filters or an embedded log format." https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html

AB c is more focused on security

B. AWS CloudTrail: AWS CloudTrail enables the monitoring and logging of API activity and actions taken within an AWS account. It provides a record of events and actions, including user identity, time, source IP address, and more. CloudTrail logs can be used for security analysis, compliance, and auditing purposes. C. Amazon GuardDuty: Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior within an AWS environment. It analyzes events and data from various sources, such as CloudTrail logs, DNS logs, and VPC flow logs, to identify potential threats and anomalies.

B. AWS CloudTrail: AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of AWS account activities. It provides a detailed history of API calls made within an AWS account, including the identity of the caller, the time of the call, the source IP address, the actions performed, and more. CloudTrail logs can be retained and analyzed to track changes, troubleshoot issues, and meet regulatory and compliance requirements. C. Amazon GuardDuty: Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior within AWS accounts. While its primary focus is on detecting security threats, it also generates logs and findings that can be used for governance, compliance, and auditing purposes. GuardDuty findings can provide insights into account activity, network traffic, and potential security risks.

B (AWS CloudTrail) and C (Amazon GuardDuty). AWS CloudTrail allows users to monitor and log all account activity in AWS, including API calls and resource changes. It also allows users to store and retain these logs for compliance and auditing purposes. Amazon GuardDuty is a threat detection service that continuously monitors and analyzes AWS account activity for potential security threats and breaches. It provides insights and alerts on account activity related to security events, such as unauthorized access attempts and unusual network traffic

CloudTrail for auditing CloudWatch for monitoring

CloudTrail provides record of actions taken by user, while GuardDuty protects AWS account with intelligent threat detection.

AWS CloudTrail: It provides a record of actions taken by a user, role, or an AWS service in AWS Management Console, AWS Command Line Interface (CLI), and other AWS services. Amazon CloudWatch: It provides logs for AWS resources and applications to troubleshoot operational issues, monitor system and application performance, and detect anomalies.

AWS CloudTrail: It provides a record of actions taken by a user, role, or an AWS service in AWS Management Console, AWS Command Line Interface (CLI), and other AWS services. Amazon CloudWatch: It provides logs for AWS resources and applications to troubleshoot operational issues, monitor system and application performance, and detect anomalies.