A company needs a detailed audit trail of all user activities and API usage for their cloud-based infrastructure. The requirement includes the need to have logs that offer insights into resource modifications and operational issues. Which service would be most suitable for meeting this compliance requirement?
The correct answer is AWS CloudTrail, as it provides event history and a detailed log of who did what on your account, including actions taken through various interfaces. CloudTrail is specifically designed for auditing and reviewing historical data related to API calls. Amazon CloudWatch focuses on monitoring and logging operational metrics rather than API calls. Amazon GuardDuty is used for threat detection and continuous monitoring but does not have the same auditing capabilities as CloudTrail. AWS Config is more for tracking resource changes and configurations over time, and while it can generate logs, it's not as comprehensive for auditing all user activities and API usage as CloudTrail.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS CloudTrail and how does it work?
Open an interactive chat with Bash
What types of events does AWS CloudTrail log?
Open an interactive chat with Bash
How does AWS CloudTrail compare to other AWS services like CloudWatch or GuardDuty?
Open an interactive chat with Bash
AWS Cloud Practitioner CLF-C02
Security and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Information Technology Package Join Premium for Full Access