Which actions must the Security Engineer take to address these audit findings?
A recent security audit found that IAM CloudTrail logs are insufficiently protected from tampering and unauthorized access
Which actions must the Security Engineer take to address these audit findings? (Select THREE)
A . Ensure CloudTrail log file validation is turned on
B . Configure an S3 lifecycle rule to periodically archive CloudTrail logs into Glacier for long-term storage
C . Use an S3 bucket with tight access controls that exists m a separate account
D . Use Amazon Inspector to monitor the file integrity of CloudTrail log files.
E . Request a certificate through ACM and use a generated certificate private key to encrypt CloudTrail log files
F . Encrypt the CloudTrail log files with server-side encryption with IAM KMS-managed keys (SSE-KMS)
Answer: A C F
Latest SCS-C02 Dumps Valid Version with 235 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund