A global financial firm needs a solution to monitor, record, and retain information about interactions with its cloud infrastructure. The security team will use this data to analyze and audit resource management and to confirm that operational best practices are followed. Which AWS service should the firm implement to meet this compliance-auditing requirement?
AWS CloudTrail is the correct choice because it records account activity-such as user logins and API calls-so that security teams can investigate, analyze, and archive events for auditing and compliance. Amazon CloudWatch is designed for operational metrics and log monitoring; Security Hub consolidates security findings from multiple sources; and Amazon Inspector performs automated vulnerability assessments. None of those services individually provide the detailed account-activity logging needed for compliance auditing.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Amazon CloudTrail and how does it work?
Open an interactive chat with Bash
What are the key differences between CloudTrail and CloudWatch?
Open an interactive chat with Bash
How can using CloudTrail improve security and compliance?
Open an interactive chat with Bash
AWS Cloud Practitioner CLF-C02
Security and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access