Which actions must the Security Engineer take to address these audit findings?

SCS-C02 V2 0 Comments

A recent security audit found that IAM CloudTrail logs are insufficiently protected from tampering and unauthorized access

Which actions must the Security Engineer take to address these audit findings? (Select THREE)
A . Ensure CloudTrail log file validation is turned on
B . Configure an S3 lifecycle rule to periodically archive CloudTrail logs into Glacier for long-term storage
C . Use an S3 bucket with tight access controls that exists m a separate account
D . Use Amazon Inspector to monitor the file integrity of CloudTrail log files.
E . Request a certificate through ACM and use a generated certificate private key to encrypt CloudTrail log files
F . Encrypt the CloudTrail log files with server-side encryption with IAM KMS-managed keys (SSE-KMS)

Answer: A C F

Latest SCS-C02 Dumps Valid Version with 235 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SCS-C02 PDF     SCS-C02 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments