A healthcare organization needs to ensure it keeps detailed records of all operational changes and user activities within its cloud infrastructure to comply with legal regulations. Which service would be MOST appropriate for storing historical information regarding the environment's interactions, including API calls made by users and services?
The correct choice is AWS CloudTrail, which logs and retains a history of API calls and related events made in an organization's cloud environment. This enables detailed auditing and analysis, making CloudTrail essential for compliance with a wide array of governance frameworks and regulatory requirements. Amazon CloudWatch focuses on the real-time monitoring of applications and resources, not historical logging of API interactions. AWS Config is designed to evaluate the configurations of resources for compliance with desired settings, and AWS Security Hub aggregates and prioritizes security findings from various AWS services but neither provide the same comprehensive auditing capabilities as CloudTrail.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS CloudTrail and how does it work?
Open an interactive chat with Bash
How does AWS CloudTrail contribute to compliance?
Open an interactive chat with Bash
What are the key differences between CloudTrail and AWS Config?
Open an interactive chat with Bash
AWS Cloud Practitioner CLF-C02
Security and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access