ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam ANS-C00 All Questions

View all questions & answers for the ANS-C00 exam
Go to Exam

Exam ANS-C00 topic 1 question 343 discussion

Exam question from Amazon's ANS-C00
Question #: 343
Topic #: 1
[All ANS-C00 Questions]

To directly manage your CloudTrail security layer, you can use ____ for your CloudTrail log files

  • A. SSE-S3
  • B. SCE-KMS
  • C. SCE-S3
  • D. SSE-KMS
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by ChauPhan at May 23, 2021, 7 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
halfway
Highly Voted 3 years, 5 months ago
Selected Answer: D
SSE-KMS allows customer managed keys, thus the control to security layer directly.
upvoted 12 times
...
ChauPhan
Most Recent 3 years, 8 months ago
A. SSE-S3
upvoted 1 times
ChauPhan
3 years, 7 months ago
Change to SSE-KMS as below link
upvoted 5 times
...
ChauPhan
3 years, 7 months ago
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/encrypting-cloudtrail-log-files-with-aws-kms.html By default, the log files delivered by CloudTrail to your bucket are encrypted by Amazon server-side encryption with Amazon S3-managed encryption keys (SSE-S3). To provide a security layer that is directly manageable, you can instead use server-side encryption with AWS KMS–managed keys (SSE-KMS) for your CloudTrail log files.
upvoted 5 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel