A company working with sensitive patient data is looking to maintain a comprehensive log of all actions taken by users and services within their cloud infrastructure. This includes the need for granular information, such as the identities of users making API calls, the source IP addresses of these calls, and specific details about requested resources. Which solution should the company implement to fulfill this specific requirement?
The correct solution for recording comprehensive logs of actions taken by users and services, including details about API calls, identities of users, source IP addresses, and other elements, is CloudTrail. CloudTrail provides event history of your account activity, including actions taken through the Management Console, SDKs, command line tools, and other services. CloudWatch primarily focuses on performance monitoring of applications and resources rather than detailed API-level activities. Config is used for assessing, auditing, and evaluating the configurations of your resources. Shield is specifically designated for DDoS protection and would not provide logging of all account activities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What kind of data can AWS CloudTrail log?
Open an interactive chat with Bash
How does CloudTrail differ from CloudWatch?
Open an interactive chat with Bash
What is the purpose of AWS Config?
Open an interactive chat with Bash
AWS Cloud Practitioner CLF-C02
Security and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access