What steps should be taken to meet these requirements in the MOST secure manner?

Posted by: Pdfprep Category: SCS-C01 Tags: AWS Certified Specialty, SCS-C01 exam questions, SCS-C01 practice exam Post Date: January 19, 2021

An organization wants to log all AWS API calls made within all of its AWS accounts, and must have a central place to analyze these logs.

What steps should be taken to meet these requirements in the MOST secure manner? (Select TWO)
A . Turn on AWS CloudTrail in each AWS account
B . Turn on CloudTrail in only the account that will be storing the logs
C . Update the bucket ACL of the bucket in the account that will be storing the logs so that other accounts can log to it
D . Create a service-based role for CloudTrail and associate it with CloudTrail in each account
E . Update the bucket policy of the bucket in the account that will be storing the logs so that other accounts can log to it

Answer: A,E

What steps should be taken to meet these requirements in the MOST secure manner?

Author