SOA-C02 · Question #337
SOA-C02 Question #337: Real Exam Question with Answer & Explanation
The correct answer is C: Search AWS CloudTrail event history tor all events initiated with the compromised access key. You can troubleshoot operational and security incidents over the past 90 days in the CloudTrail console by viewing Event history. https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html
Question
A SysOps administrator trust manage the security of An AWS account Recently an IAM users access key was mistakenly uploaded to a public code repository. The SysOps administrator must identity anything that was changed by using this access key.
Options
- ACreate an Amazon EventBridge (Amazon CloudWatch Events) rule to send all IAM events lo an
- BQuery Amazon EC2 togs by using Amazon CloudWatch Logs Insights for all events Heated with
- CSearch AWS CloudTrail event history tor all events initiated with the compromised access key
- DSearch VPC Flow Logs foe all events initiated with the compromised access key within the
Explanation
You can troubleshoot operational and security incidents over the past 90 days in the CloudTrail console by viewing Event history. https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html
Community Discussion
No community discussion yet for this question.