Amazon Exam SOA-C02 Topic 6 Question 113 Discussion

Actual exam question for Amazon's SOA-C02 exam

Question #: 113
Topic #: 6

A company requires that all activity in its AWS account be logged using AWS CloudTrail. Additionally, a SysOps administrator must know when CloudTrail log files are modified or deleted.

How should the SysOps administrator meet these requirements?

AEnable log file integrity validation Use the AWS CLI to validate the log files.

BEnable log file integrity validation. Use the AWS CloudTrail .Processing Library to validate the log files.

CUse CloudTrail Insights to monitor the log files for modifications.

DUse Amazon CloudWatch Logs to monitor the log files for modifications.

Show Suggested Answer

Suggested Answer: A

CloudTrail Log File Integrity Validation:

AWS CloudTrail provides a feature for log file integrity validation to ensure logs have not been modified or deleted.

Steps to Enable and Validate:

Enable Log File Integrity Validation:

Go to the CloudTrail Console.

Select or create a trail.

In the trail settings, enable Log file validation.

Use the AWS CLI for Validation:

Use the following CLI command:

aws cloudtrail validate-logs --trail-name <trail-name>

This command validates the digest files generated by CloudTrail against the log files.

Why Other Options Are Incorrect:

B: Using the AWS CloudTrail Processing Library is unnecessary for validation.

C: CloudTrail Insights is designed to identify unusual activity, not monitor log modifications.

D: Amazon CloudWatch Logs cannot directly monitor CloudTrail logs for integrity.

CloudTrail Log File Validation

AWS CLI Command for Validation

by Delbert at Mar 19, 2025, 01:27 PM

Limited Time Offer

25%

Off

Get Premium SOA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!