Exam AWS Certified Security - Specialty topic 1 question 29 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 29
Topic #: 1

A security team is responsible for reviewing AWS API call activity in the cloud environment for security violations. These events must be recorded and retained in a centralized location for both current and future AWS regions.
What is the SIMPLEST way to meet these requirements?

  • A. Enable AWS Trusted Advisor security checks in the AWS Console, and report all security incidents for all regions.
  • B. Enable AWS CloudTrail by creating individual trails for each region, and specify a single Amazon S3 bucket to receive log files for later analysis.
  • C. Enable AWS CloudTrail by creating a new trail and applying the trail to all regions. Specify a single Amazon S3 bucket as the storage location.
  • D. Enable Amazon CloudWatch logging for all AWS services across all regions, and aggregate them to a single Amazon S3 bucket for later analysis.
Suggested Answer: C

Comments

sensor
Highly Voted 3 years, 9 months ago
The referenced link does not prove req that future regions must be taken into account. With C future regions req is satisfied.
upvoted 36 times
...
Osemk
Highly Voted 3 years, 9 months ago
The reference link actually supports C.
upvoted 17 times
...
Raphaello
Most Recent 1 year, 4 months ago
Selected Answer: C
C is the correct answer.
upvoted 1 times
...
tonimrz
1 year, 11 months ago
Selected Answer: C
You can apply this trail in several regions in an easy way.
upvoted 1 times
...
addy_prepare
1 year, 11 months ago
Selected Answer: B
Just look at CT 'Create Trail' options
upvoted 1 times
...
CE1212
2 years ago
C - an org trail with central logging created from the management account
upvoted 1 times
...
Robert0
2 years, 1 month ago
Selected Answer: C
Answer should be C. It's easier than B
upvoted 1 times
...
bbddmm
2 years, 2 months ago
Selected Answer: C
the answer is C
upvoted 2 times
...
AWS_Noob
2 years, 4 months ago
Selected Answer: C
Simplest would be C. Creating separate trails will just be unnecessary in this case
upvoted 1 times
...
Suhasj02
2 years, 5 months ago
C - You can configure CloudTrail to deliver log files from multiple regions to a single S3 bucket for a single account. For example, you have a trail in the US West (Oregon) Region that is configured to deliver log files to a S3 bucket, and a CloudWatch Logs log group. When you change an existing single-region trail to log all regions, CloudTrail logs events from all regions that are in a single AWS partition in your account. CloudTrail delivers log files to the same S3 bucket and CloudWatch Logs log group. To log events across all regions in all AWS partitions in your account, create a multi-region trail in each partition. Link - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/receive-cloudtrail-log-files-from-multiple-regions.html
upvoted 3 times
virtual
1 year, 4 months ago
Yes this explanation seems to be good with partitions and multi-region trail. So I vote C as well.
upvoted 1 times
...
...
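The difference between options B and C discussed above, as an added example that is not part of the original thread: a small audit over trail records shaped like the `trailList` returned by `aws cloudtrail describe-trails`. The trail names, bucket name and region list are constructed sample data.

```python
# Added example: audit CloudTrail region coverage from describe-trails output.
# Field names follow the CloudTrail DescribeTrails response; the trail names,
# bucket name and region list below are constructed sample data.

def audit_trails(trail_list, enabled_regions):
    """Summarise region coverage and log destinations for a set of trails."""
    multi = [t for t in trail_list if t.get("IsMultiRegionTrail")]
    single = [t for t in trail_list if not t.get("IsMultiRegionTrail")]
    if multi:
        # A multi-region trail logs every region in the partition,
        # including regions that become available later.
        covered = set(enabled_regions)
    else:
        # A single-region trail only logs its own home region.
        covered = {t["HomeRegion"] for t in single}
    return {
        "uncovered_regions": sorted(set(enabled_regions) - covered),
        "future_regions_covered": bool(multi),
        "buckets": sorted({t["S3BucketName"] for t in trail_list}),
        "trails_to_manage": len(trail_list),
    }

# Option B: one single-region trail per region, all writing to one bucket.
OPTION_B = [
    {"Name": f"trail-{r}", "HomeRegion": r, "IsMultiRegionTrail": False,
     "S3BucketName": "example-central-trail-logs"}
    for r in ("us-east-1", "us-west-2", "eu-west-1")
]

# Option C: one trail applied to all regions, writing to one bucket.
OPTION_C = [
    {"Name": "example-audit-trail", "HomeRegion": "us-east-1",
     "IsMultiRegionTrail": True,
     "S3BucketName": "example-central-trail-logs"}
]

# Constructed region list: the last region came into use after trail setup.
REGIONS_NOW = ["us-east-1", "us-west-2", "eu-west-1", "ap-southeast-4"]

if __name__ == "__main__":
    for label, trails in (("B", OPTION_B), ("C", OPTION_C)):
        print(label, audit_trails(trails, REGIONS_NOW))
```

Both layouts end up with a single bucket, but only the multi-region trail leaves no region unlogged when the region list grows.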
pearl15
2 years, 5 months ago
Selected Answer: C
C It should be C and no brainer. The question is asking about all the trails and future trails not asking about selective trails. B could have been the answer if the selective trails were the question. Since one trail across multiple regions is supported, we should create Multiple Region.
upvoted 2 times
...
janvandermerwer
2 years, 7 months ago
Selected Answer: C
C for ease of current (and future) management. CloudWatch doesn't really work that way.
upvoted 2 times
xplusfb
2 years, 5 months ago
Absolutely agreed. C is the right one.
upvoted 1 times
...
...
[Removed]
2 years, 8 months ago
Selected Answer: C
By default trail is a multi-region. You need to use cli to create a single-region trail: "In the console, you create a trail that logs events in all AWS Regions that you have enabled. This is a recommended best practice. To log events in a single region (not recommended), use the AWS CLI."
upvoted 4 times
...
arae
2 years, 8 months ago
C is the answer
upvoted 1 times
...
Desteeny
2 years, 9 months ago
C question talks about a region and subsequent regions in future
upvoted 1 times
...
ceeee
2 years, 9 months ago
Selected Answer: C
C is definitely the answer
upvoted 1 times
...
Mr__
2 years, 9 months ago
Selected Answer: C
C is correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted