AWS Certification: CloudTrail Questions

AWS CloudTrail

Overview
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting. In addition, you can use CloudTrail to detect unusual activity in your AWS accounts. These capabilities help simplify operational analysis and troubleshooting.
1. A company has an application hosted in AWS. The application consists of EC2 Instances which sit behind an ELB. The following are requirements from an administrative perspective:

a) Ensure notifications are sent when the read requests go beyond 1000 requests per minute.
b) Ensure notifications are sent when the latency goes beyond 10 seconds.
c) Any API activity which calls for sensitive data should be monitored.

Which of the following can be used to satisfy these requirements? Choose 2 answers from the options given below.


A. Use CloudTrail to monitor the API activity.

B. Use CloudWatch Logs to monitor the API activity.

C. Use CloudWatch metrics for the metrics that need to be monitored as per the requirement and set up an alarm to send out notifications when the metric reaches the set threshold.

D. Use custom log software to monitor the latency and read requests to the ELB.

Answer
A. & C. The ELB publishes RequestCount and Latency to CloudWatch, so CloudWatch alarms on those metrics cover (a) and (b); CloudTrail records the API calls themselves, which covers (c).
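Requirement (c) is only satisfied once something actually reads the CloudTrail records and flags the calls that touch sensitive data. The following is an added example (not code from the original page) that parses a CloudTrail log body in its real JSON layout and emits one finding per sensitive read. The field names (eventSource, eventName, userIdentity, requestParameters, errorCode) are CloudTrail's own; the list of APIs and buckets treated as sensitive, the principals, and the sample records are constructed for illustration.

```python
"""Scan CloudTrail records for API calls that read sensitive data.

Added example, not code from the original page. CloudTrail delivers
gzipped JSON objects to S3 whose body is {"Records": [...]}; the field
names used here (eventSource, eventName, userIdentity, requestParameters,
errorCode, ...) are the real CloudTrail record schema. The list of
"sensitive" APIs and buckets is an assumption for illustration.
"""
import json

# Assumption: read-style calls that hand back secrets or regulated data.
SENSITIVE_APIS = {
    "secretsmanager.amazonaws.com": {"GetSecretValue"},
    "ssm.amazonaws.com": {"GetParameter", "GetParameters", "GetParametersByPath"},
    "kms.amazonaws.com": {"Decrypt"},
    "s3.amazonaws.com": {"GetObject"},
}
# Assumption: buckets holding regulated data, used to scope the S3 rule.
SENSITIVE_BUCKETS = {"payroll-prod"}

ALICE = {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"}
BOB = {"type": "AssumedRole",
       "arn": "arn:aws:sts::123456789012:assumed-role/Analyst/bob"}

# Constructed sample log body in CloudTrail JSON format (not real events).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-05-01T10:00:00Z", "eventSource": "secretsmanager.amazonaws.com",
     "eventName": "GetSecretValue", "sourceIPAddress": "203.0.113.7",
     "userIdentity": ALICE, "requestParameters": {"secretId": "prod/db/password"}},
    {"eventTime": "2024-05-01T10:00:05Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "203.0.113.7",
     "userIdentity": ALICE, "requestParameters": None},
    {"eventTime": "2024-05-01T10:01:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "sourceIPAddress": "198.51.100.9", "userIdentity": BOB,
     "requestParameters": {"bucketName": "payroll-prod", "key": "2024/april.csv"}},
    {"eventTime": "2024-05-01T10:02:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "sourceIPAddress": "198.51.100.9", "userIdentity": BOB,
     "requestParameters": {"bucketName": "public-assets", "key": "logo.png"}},
    # A service-initiated call that was denied: still worth surfacing.
    {"eventTime": "2024-05-01T10:03:00Z", "eventSource": "kms.amazonaws.com",
     "eventName": "Decrypt", "sourceIPAddress": "kms.amazonaws.com",
     "userIdentity": {"type": "AWSService", "invokedBy": "secretsmanager.amazonaws.com"},
     "errorCode": "AccessDenied", "requestParameters": None},
]})


def is_sensitive(record):
    """True if the record is a read of sensitive data under the rules above."""
    source = record.get("eventSource", "")
    name = record.get("eventName", "")
    if name not in SENSITIVE_APIS.get(source, ()):
        return False
    if source == "s3.amazonaws.com":
        # Only GetObject against the listed buckets counts; other reads are noise.
        params = record.get("requestParameters") or {}
        return params.get("bucketName") in SENSITIVE_BUCKETS
    return True


def actor(record):
    """Principal string: the ARN for users and roles, the invoking service otherwise."""
    ident = record.get("userIdentity", {})
    return ident.get("arn") or ident.get("invokedBy") or ident.get("type", "unknown")


def scan(log_text):
    """Parse one CloudTrail log body and return a finding per sensitive call."""
    findings = []
    for rec in json.loads(log_text).get("Records", []):
        if not is_sensitive(rec):
            continue
        findings.append({
            "time": rec.get("eventTime"),
            "api": f"{rec['eventSource']}:{rec['eventName']}",
            "actor": actor(rec),
            "source_ip": rec.get("sourceIPAddress"),
            # Denied calls are kept: an AccessDenied on a secret is an attempt.
            "error": rec.get("errorCode"),
        })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Two caveats when running this against real trails: management events (the Secrets Manager, EC2 and KMS calls above) are recorded by default, but S3 object-level GetObject is a data event and only appears if data events are enabled for that bucket on the trail, so the S3 rule is silently empty otherwise. Real log objects are gzip-compressed, so open them with gzip.open before passing the text to scan().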

2. A company has resources hosted in their AWS Account. There is a requirement to monitor API activity for all regions and the audit needs to be applied for future regions as well. Which of the following can be used to fulfill this requirement?

A. Ensure CloudTrail for each region, then enable for each future region.

B. Ensure one CloudTrail trail is enabled for all regions.

C. Create a CloudTrail for each region. Use CloudFormation to enable the trail for all future regions.

D. Create a CloudTrail for each region. Use AWS Config to enable the trail for all future regions.

Answer
B. Ensure one CloudTrail trail is enabled for all regions. A multi-region trail records events from every current region and is extended automatically to regions AWS adds later, and it captures global service events (IAM, STS, CloudFront) once instead of once per region.

3. You are an AWS Solutions Architect and are architecting an application environment on AWS. Which service or service feature would you enable to take advantage of monitoring to ensure that auditing the environment for compliance is easy and follows strict security compliance requirements?

A. CloudTrail for security logs

B. SSL Logging

C. Encrypted data storage

D. Multi Factor Authentication

Answer
A. CloudTrail for security logs

4. You are responsible for deploying a critical application to AWS. It is required to ensure that the controls set for this application meet PCI compliance. Also, there is a need to monitor web application logs to identify any malicious activity. Which of the following services can be used to fulfill this requirement? Choose 2 answers from the options given below.

A. Amazon CloudWatch Logs

B. Amazon VPC Flow Logs

C. AWS Config

D. Amazon CloudTrail

Answer
A. & D.

5. You have enabled CloudTrail logs for your company’s AWS account. In addition, the IT Security department has mentioned that the logs need to be encrypted. How can this be achieved?

A. Enable SSL certificates for the CloudTrail logs.

B. There is no need to do anything since the logs will already be encrypted.

C. Enable Server-Side Encryption for the trail.

D. Enable Server-Side Encryption for the destination S3 bucket.

Answer
B. There is no need to do anything since the logs will already be encrypted. CloudTrail encrypts log files delivered to S3 by default with S3-managed keys (SSE-S3); if the security team requires a customer-managed key, configure an AWS KMS key (SSE-KMS) on the trail itself.
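Questions 2 and 5 together describe the trail settings an auditor checks for: multi-region coverage, global service events, log file validation, a KMS key when customer-managed encryption is required, and the trail actually logging. The following is an added example (not code from the original page) that evaluates trails against those settings. The dictionary keys (IsMultiRegionTrail, IncludeGlobalServiceEvents, LogFileValidationEnabled, KmsKeyId, IsLogging) are the real fields of the CloudTrail DescribeTrails and GetTrailStatus responses; the two sample trails, their ARNs and the require_kms policy switch are constructed for illustration.

```python
"""Audit CloudTrail trail settings returned by DescribeTrails / GetTrailStatus.

Added example, not code from the original page. The keys below are the
real fields of the CloudTrail DescribeTrails and GetTrailStatus API
responses; with boto3 they would come from
    client.describe_trails(includeShadowTrails=False)["trailList"]
    client.get_trail_status(Name=trail["TrailARN"])
The sample trails are constructed and the require_kms switch is an
assumption for this example.
"""

# Constructed sample: two trails in one account (not real resources).
SAMPLE_TRAILS = [
    {
        "Name": "org-audit",
        "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/org-audit",
        "S3BucketName": "corp-cloudtrail-logs",
        "IsMultiRegionTrail": True,
        "IncludeGlobalServiceEvents": True,
        "LogFileValidationEnabled": True,
        "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/11111111-2222-3333-4444-555555555555",
    },
    {
        "Name": "legacy-useast1",
        "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/legacy-useast1",
        "S3BucketName": "old-logs",
        "IsMultiRegionTrail": False,
        "IncludeGlobalServiceEvents": False,
        "LogFileValidationEnabled": False,
        # No KmsKeyId: log files are still encrypted, but with SSE-S3, not a CMK.
    },
]

# Constructed GetTrailStatus results keyed by TrailARN.
SAMPLE_STATUS = {
    SAMPLE_TRAILS[0]["TrailARN"]: {"IsLogging": True},
    SAMPLE_TRAILS[1]["TrailARN"]: {"IsLogging": False},
}


def audit_trail(trail, status, require_kms=True):
    """Return a list of findings for one trail (empty means it meets the policy)."""
    findings = []
    if not status.get("IsLogging"):
        findings.append("trail is not currently logging")
    if not trail.get("IsMultiRegionTrail"):
        findings.append("not multi-region: other and future regions are not audited")
    if not trail.get("IncludeGlobalServiceEvents"):
        findings.append("global service events (IAM, STS, CloudFront) excluded")
    if not trail.get("LogFileValidationEnabled"):
        findings.append("log file validation disabled: tampering is undetectable")
    if require_kms and not trail.get("KmsKeyId"):
        findings.append("no KMS key: logs use SSE-S3 rather than a customer-managed key")
    return findings


def audit_account(trails, statuses, require_kms=True):
    """Map each trail name to its findings."""
    return {
        t["Name"]: audit_trail(t, statuses.get(t["TrailARN"], {}), require_kms)
        for t in trails
    }


def account_has_compliant_trail(trails, statuses, require_kms=True):
    """True if at least one trail passes every check (the usual account-level control)."""
    return any(not issues for issues in audit_account(trails, statuses, require_kms).values())


if __name__ == "__main__":
    for name, issues in audit_account(SAMPLE_TRAILS, SAMPLE_STATUS).items():
        print(name, "OK" if not issues else issues)
```

The corresponding settings are the --is-multi-region-trail, --include-global-service-events, --enable-log-file-validation and --kms-key-id options of aws cloudtrail create-trail and update-trail. The account-level check is deliberately "at least one compliant trail" rather than "every trail compliant", because a single-region legacy trail alongside a correct multi-region one is a cost problem, not a coverage gap.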

6. Your company has a set of resources hosted on the AWS Cloud. As a part of the new governing model, there is a requirement that all activity on AWS resources should be monitored. What is the most efficient way to have this implemented?

A. Use VPC Flow Logs to monitor all activity in your VPC.

B. Use AWS Trusted Advisor to monitor all of your AWS resources.

C. Use AWS Inspector to inspect all of the resources in your account.

D. Use AWS CloudTrail to monitor all API activity.

Answer
D. Use AWS CloudTrail to monitor all API activity.