SAP-C02 · Question #306
SAP-C02 Question #306: Real Exam Question with Answer & Explanation
The correct answer is C: Configure an organization-level CloudTrail in the parent account to deliver log events to a central. https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html Best practices for moving from member account trails to organization trails why delete the existing CloudTrail and logs in the member accounts.
Question
A company uses AWS Organizations to manage one parent account and nine member accounts. The number of member accounts is expected to grow as the business grows. A security engineer has requested consolidation of AWS CloudTrail logs into the parent account for compliance purposes. Existing logs currently stored in Amazon S3 buckets in each individual member account should not be lost. Future member accounts should comply with the logging strategy. Which operationally efficient solution meets these requirements?
Options
- ACreate an AWS Lambda function in each member account with a cross-account role.
- BConfigure CloudTrail in each member account to deliver log events to a central S3 bucket.
- CConfigure an organization-level CloudTrail in the parent account to deliver log events to a central
- DConfigure an organization-level CloudTrail in the parent account to deliver log events to a central
Explanation
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html Best practices for moving from member account trails to organization trails why delete the existing CloudTrail and logs in the member accounts.
Community Discussion
No community discussion yet for this question.