A company has hired a third-party security auditor, and the auditor needs read-only access to all AWS resources and logs of all VPC records and events that have occurred on AWS.
How can the company meet the auditor's requirements without compromising security in the AWS environment? Choose the correct answer from the options below.
A . Create a role that has the required permissions for the auditor.
B . Create an SNS notification that sends the CloudTrail log files to the auditor's email when CloudTrail delivers the logs to S3, but do not allow the auditor access to the AWS environment.
C . The company should contact AWS as part of the shared responsibility model, and AWS will grant required access to the third-party auditor.
D . Enable CloudTrail logging and create an IAM user who has read-only permissions to the required AWS resources, including the bucket containing the CloudTrail logs.
Answer: D
Explanation:
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain events related to API calls across your AWS infrastructure. CloudTrail provides a history of AWS API calls for your account including API calls made through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This history simplifies security analysis, resource change tracking, and troubleshooting.
Options A and C are incorrect since CloudTrail needs to be used as part of the solution. Option B is incorrect since the auditor needs to have access to CloudTrail. For more information on CloudTrail, please visit the URL below:
https://aws.amazon.com/cloudtrail
The correct answer is: Enable CloudTrail logging and create an IAM user who has read-only permissions to the required AWS resources, including the bucket containing the CloudTrail logs.
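As an added example (not part of the original question, and not AWS's own code), here are the two policy documents option D implies, an identity policy for the auditor's read-only IAM user and the bucket policy that lets only the CloudTrail service write logs, plus a check that the auditor's policy grants no write actions. The bucket name and account ID are placeholders, and the list of read-only verb prefixes is a heuristic assumption, not an AWS definition.

```python
# Heuristic allow-list of read-only IAM action verbs (an assumption for this
# check, not an AWS-defined list); any other verb or any wildcard is a write.
READ_ONLY_PREFIXES = ("Get", "List", "Describe", "Lookup")


def auditor_policy(trail_bucket):
    """Identity policy for the auditor's IAM user: CloudTrail read calls plus
    read access to the log bucket. Attach it next to the AWS managed
    ReadOnlyAccess policy; nothing in it grants a write."""
    return {"Version": "2012-10-17", "Statement": [
        {"Sid": "CloudTrailRead", "Effect": "Allow", "Resource": "*",
         "Action": ["cloudtrail:DescribeTrails", "cloudtrail:GetTrailStatus",
                    "cloudtrail:LookupEvents", "cloudtrail:GetEventSelectors"]},
        {"Sid": "TrailBucketRead", "Effect": "Allow",
         "Action": ["s3:ListBucket", "s3:GetBucketLocation", "s3:GetObject"],
         "Resource": ["arn:aws:s3:::%s" % trail_bucket,
                      "arn:aws:s3:::%s/*" % trail_bucket]}]}


def trail_bucket_policy(trail_bucket, account_id):
    """Bucket policy that lets the CloudTrail service deliver logs; the only
    principal allowed to write is the service, never a human user."""
    return {"Version": "2012-10-17", "Statement": [
        {"Sid": "AWSCloudTrailAclCheck", "Effect": "Allow",
         "Principal": {"Service": "cloudtrail.amazonaws.com"},
         "Action": "s3:GetBucketAcl", "Resource": "arn:aws:s3:::%s" % trail_bucket},
        {"Sid": "AWSCloudTrailWrite", "Effect": "Allow",
         "Principal": {"Service": "cloudtrail.amazonaws.com"},
         "Action": "s3:PutObject",
         "Resource": "arn:aws:s3:::%s/AWSLogs/%s/*" % (trail_bucket, account_id),
         "Condition": {"StringEquals": {"s3:x-amz-acl": "bucket-owner-full-control"}}}]}


def write_grants(policy):
    """Every Allow action that is not read-only; [] means safe for an auditor."""
    found = []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt["Action"]
        if isinstance(actions, str):
            actions = [actions]
        for action in actions:
            verb = action.split(":", 1)[-1]
            if "*" in action or not verb.startswith(READ_ONLY_PREFIXES):
                found.append(action)
    return found
```

Running `write_grants` over the auditor's policy before attaching it is the quick check that the "read-only" requirement actually holds; the same check flags the bucket policy's `s3:PutObject`, which is expected because that grant belongs to the CloudTrail service principal, not to the auditor.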