Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

A SaaS provider must prove to customers and regulators that every administrative change to production data in its multi-region cloud database is fully traceable to an individual and that related audit logs cannot be altered or deleted-even by root users-for at least one year. The provider already captures detailed API audit events and writes them to a dedicated object-storage bucket. Which additional control BEST enhances accountability and preserves the evidentiary quality of these logs?

  • Forward all audit events to a centralized SIEM for real-time correlation and alerting.

  • Enable WORM object lock on the audit-log bucket in Compliance mode with a one-year retention period.

  • Encrypt the audit logs with a customer-managed key that is rotated every 30 days.

  • Extend the bucket's lifecycle retention rule from 90 to 180 days without locking the policy.

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Data Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot