A company has configured an organization in AWS Organizations for its AWS accounts.

Amazon Web Services SCS-C02 Full Course Access

Amazon Web Services SCS-C02 View All Questions

Amazon Web Services SCS-C02 Question Answer

A company has configured an organization in AWS Organizations for its AWS accounts. AWS CloudTrail is enabled in all AWS Regions. A security engineer must implement a solution to prevent CloudTrail from being disabled. Which solution will meet this requirement?

Enable CloudTrail log file integrity validation from the organization's management account.

Enable server-side encryption with AWS KMS keys (SSE-KMS) for CloudTrail logs. Create a KMS key Attach a policy to the key to prevent decryption of the logs

Create an SCP that includes an explicit Deny rule for the StopLogging action and the DeleteTrail action. Attach the SCP to the root OU.

Create 1AM policies for all the company's users to prevent the users from performing the DescribeTrails action and the GetTrailStatus action.

SCS-C02 PDF/Engine

Printable Format
Value of Money
100% Pass Assurance
Verified Answers
Researched by Industry Experts
Based on Real Exams Scenarios
100% Real Questions

Get 65% Discount on All Products, Use Coupon: "ac4s65"

A company that uses GitHub Actions needs to use a workflow to deploy AWS services.

A company needs to improve its ability to identify and prevent IAM policies that grant...

New Year Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

A company has configured an organization in AWS Organizations for its AWS accounts.

The Answer Is:

Explanation:

Quick Links