Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 147 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 147
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A security engineer needs to build a solution to turn AWS CloudTrail back on in multiple AWS Regions in case it is ever turned off.

What is the MOST efficient way to implement this solution?

  • A. Use AWS Config with a managed rule to initiate the AWS-EnableCloudTrail remediation.
  • B. Create an Amazon EventBridge event with a cloudtrail.amazonaws.com event source and a StartLogging event name to invoke an AWS Lambda function to call the StartLogging
    API.
  • C. Create an Amazon CloudWatch alarm with a cloudtrail.amazonaws.com event source and a StopLoggmg event name to invoke an AWS Lambda function to call the StartLogging API.
  • D. Monitor AWS Trusted Advisor to ensure CloudTrail logging is enabled.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Certified101 at May 19, 2024, 8:57 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Certified101
Highly Voted 3 months, 4 weeks ago
Selected Answer: A
https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/automatically-re-enable-aws-cloudtrail-by-using-a-custom-remediation-rule-in-aws-config.html
upvoted 5 times
...
PegasusForever
Most Recent 2 weeks, 6 days ago
Selected Answer: C AWS-EnableCloudTrail -> Create an AWS CloudTrail trail and configure logging to an S3 bucket not re-enabled for that we require an AWS Config Custom Rule, not listed. MOST Efficient C. Create an Amazon CloudWatch alarm with a cloudtrail.amazonaws.com event source and a StopLoggmg event name to invoke an AWS Lambda function to call the StartLogging API. B is wrong.
upvoted 1 times
...
xTrayusx
1 month, 2 weeks ago
Selected Answer: A
To efficiently turn AWS CloudTrail back on in multiple AWS Regions if it is ever turned off, the best approach is to use AWS Config with a managed rule to automatically remediate the situation.
upvoted 1 times
...
navid1365
1 month, 2 weeks ago
Selected Answer: A
The "most efficient" solution is A.
upvoted 1 times
...
Certified101
3 months, 4 weeks ago
Selected Answer: A
The correct answer is A. The most efficient way to implement this solution is to use AWS Config with a managed rule to initiate the AWS-EnableCloudTrail remediation. This will automatically turn AWS CloudTrail back on if it is ever turned off.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel