Which set of actions should the SysOps administrator take to meet this requirement?

By:
In: SOA-C02
Tagged:
With: 1 Comment
A company is undergoing an external audit of its systems, which run wholly on AWS.A SysOps administrator must supply documentation of Payment Card Industry Data Security Standard (PCI DSS) compliance for the infrastructure managed by AWS.

Which set of actions should the SysOps administrator take to meet this requirement?

Download the applicable reports from the AWS Artifact portal and supply these to the auditors.

Download complete copies of the AWS CloudTrail log files and supply these to the auditors.

Download complete copies of the AWS CloudWatch logs and supply these to the auditors.

Provide the auditors with administrative access to the production AWS account so that the auditors can determine compliance.

Explanations:

AWS Artifact provides on-demand access to AWS compliance reports, including PCI DSS compliance. These reports are the required documentation for auditors to verify that AWS services are in compliance with PCI DSS standards.

CloudTrail logs are useful for auditing AWS account activity, but they do not provide specific documentation for PCI DSS compliance. These logs are not the required compliance reports for external audits.

CloudWatch logs capture operational metrics and application logs, but they do not provide documentation for PCI DSS compliance. They are not specific to security or compliance reporting required by auditors.

Providing administrative access to auditors is unnecessary and risky. Auditors can obtain the necessary compliance reports through AWS Artifact without requiring direct access to the AWS environment.

2025-10-14

1 Comment

  1. Thomas
    Author

    From my point of view, the answer is:
    Download the applicable reports from the AWS Artifact portal and supply these to the auditors.

Leave a Reply

Your email address will not be published. Required fields are marked *

thirteen + 14 =