Site icon Exam4Training

What should the SysOps administrator do to meet these requirements WITHOUT writing custom code?

exams

A SysOps administrator has enabled AWS CloudTrail in an AWS account. If CloudTrail is disabled, it must be re-enabled immediately.

What should the SysOps administrator do to meet these requirements WITHOUT writing custom code?
A . Add the AWS account to AWS Organizations. Enable CloudTrail in the management account.
B . Create an AWS Config rule that is invoked when CloudTrail configuration changes. Apply the AWS-ConfigureCloudTrailLogging automatic remediation action.
C . Create an AWS Config rule that is invoked when CloudTrail configuration changes. Configure the rule to invoke an AWS Lambda function to enable CloudTrail.
D . Create an Amazon EventBridge (Amazon CloudWatch Events) hourly rule with a schedule pattern to run an AWS Systems Manager Automation document to enable CloudTrail.

Answer: B

Explanation:

Step-by-Step

Understand the Problem:

CloudTrail must be re-enabled immediately if it is disabled.

Analyze the Requirements:

Implement an automatic solution to monitor and re-enable CloudTrail.

Evaluate the Options:

Option A: Add the AWS account to AWS Organizations and enable CloudTrail in the management account.

This provides centralized management but does not ensure automatic re-enabling of CloudTrail.

Option B: Create an AWS Config rule with automatic remediation.

AWS Config can monitor changes and automatically remediate by re-enabling CloudTrail.

Option C: Create an AWS Config rule that invokes a Lambda function.

This requires custom code, which is not preferred.

Option D: Create an EventBridge rule with a Systems Manager Automation document.

This can re-enable CloudTrail but is more complex compared to AWS Config’s built-in remediation.

Select the Best Solution:

Option B: Using AWS Config with automatic remediation ensures CloudTrail is re-enabled without writing custom code.

Reference: AWS Config Rules

Automatic Remediation with AWS Config

Creating an AWS Config rule with automatic remediation ensures that CloudTrail is immediately re-enabled if it is disabled.

Latest SOA-C02 Dumps Valid Version with 54 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SOA-C02 PDF    SOA-C02 Questions Online Training
Exit mobile version