Which combination of steps should the security team take?

A company’s AWS CloudTrail logs are all centrally stored in an Amazon S3 bucket.The security team controls the company’s AWS account.The security team must prevent unauthorized access and tampering of the CloudTrail logs.

(Choose three.)

Configure server-side encryption with AWS KMS managed encryption keys (SSE-KMS)

Compress log file with secure gzip.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule to notify the security team of any modifications on CloudTrail log files.

Implement least privilege access to the S3 bucket by configuring a bucket policy.

Configure CloudTrail log file integrity validation.

Configure Access Analyzer for S3.

Previous Post: Which AWS service should the developer use to meet these requirements?

Next Post: How should the Security team configure the environment to ensure that the interns are self-sufficient?

2 Comments

Author

I deduce that the answer is:
Configure server-side encryption with AWS KMS managed encryption keys (SSE-KMS)

Larry

6 months ago

Permalink

Reply
Author

I sort that the answer is:
Configure server-side encryption with AWS KMS managed encryption keys (SSE-KMS)

Charles

2 days ago

Permalink

Reply

Free study guides, practices test, sample questions

Which combination of steps should the security team take?

2 Comments

Leave a Reply Cancel reply