AWS Certified SysOps Administrator Practice Exam

Prepare for the AWS Certified SysOps Administrator Exam. Utilize flashcards, multiple-choice questions, tips, and in-depth explanations. Get exam-ready!


When using CloudTrail, how can you ensure logs are not tampered with over time?

  1. Enable encryption for the logs

  2. Maintain multiple copies of the logs

  3. Utilize log file integrity validation

  4. Restrict access to the logs using IAM policies

The correct answer is: Utilize log file integrity validation

Utilizing log file integrity validation is essential for ensuring that logs generated by AWS CloudTrail remain unaltered over time. This feature allows you to verify that the logs have not been modified after they were written. When enabled, CloudTrail generates a digest file for each log file, which is a cryptographic hash that can be used to validate the integrity of the log files. By checking the integrity hashes against the contents of the log files, you can ascertain whether any modification or tampering has occurred since the logs were created. This method provides a reliable way to ensure compliance and maintain trust in your auditing processes.

The other methods mentioned may provide some level of security or redundancy, but they do not specifically address the issue of log integrity in the same way that log file integrity validation does. For instance, while encryption can protect against unauthorized access, it doesn't prevent changes to the logs themselves. Similarly, maintaining multiple copies enhances availability but does not ensure that any individual copy remains untampered. Access restrictions through IAM policies can control who can view or manipulate logs, but they do not inherently validate the changes made to the logs over time.