ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
An e-commerce company ingests VPC Flow Logs, AWS CloudTrail events, and application server logs into a dedicated Amazon S3 bucket. An internal audit states that the security team must be able to demonstrate that no one, including administrators, can modify or delete log files for one year and must be able to detect any attempted tampering. The team wants a native, low-maintenance AWS solution. Which action will meet these requirements?
Stream all logs to Amazon CloudWatch Logs and set the retention period to Never Expire.
Turn on S3 Object Lock in Compliance mode for the log bucket and enable CloudTrail log file integrity validation.
Enable bucket versioning and configure cross-region replication to a secondary S3 bucket.
Encrypt the log bucket with server-side encryption using an AWS KMS customer-managed key that is rotated annually.
Amazon S3 Object Lock in Compliance mode enforces write-once-read-many (WORM) protection, preventing any user-root or otherwise-from altering or deleting objects until the retention period expires, satisfying the non-repudiation requirement. Enabling CloudTrail log file validation adds a signed hash chain to each log file so any post-delivery alteration can be cryptographically detected. Versioning, replication, or encryption add resiliency and confidentiality but do not make logs immutable or provide proof of integrity. Simply storing logs in CloudWatch Logs offers retention but does not prevent tampering or supply cryptographic validation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is S3 Object Lock in Compliance mode?
Open an interactive chat with Bash
What is CloudTrail log file integrity validation?
Open an interactive chat with Bash
How does versioning differ from S3 Object Lock for security purposes?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Risk Identification, Monitoring and Analysis
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .