AWS Certified Solutions Architect Associate SAA-C03 Practice Question
A healthcare company leverages a leading cloud service provider to host patient health data. Compliance standards require that the organization must have the ability to track who is accessing this data and any modifications made to it in real-time. Which tool would you choose to meet these stringent logging requirements?
CloudTrail is the appropriate choice for monitoring and logging user actions and resource changes over time, vital for handling sensitive information like PHI. It ensures that actions taken by users, roles, or AWS services are recorded, which is fundamental for maintaining stringent access logs required by compliance standards, such as those related to healthcare information.
The use of Inspector would not fulfill the requirement as its use case is security assessment for applications, not detailed logging of data access. Config helps monitor resource states and changes but does not provide the granular action-level logging required for compliance audits associated with healthcare data. CloudWatch primarily focuses on performance monitoring rather than user access and interaction logs.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What specific types of logs does AWS CloudTrail provide?
Open an interactive chat with Bash
How does AWS CloudTrail enhance compliance with regulations like HIPAA?
Open an interactive chat with Bash
What distinguishes AWS CloudTrail from other logging tools like AWS Config or CloudWatch?