Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Amazon Exam SOA-C02 Topic 6 Question 113 Discussion

Actual exam question for Amazon's SOA-C02 exam
Question #: 113
Topic #: 6
[All SOA-C02 Questions]

A company requires that all activity in its AWS account be logged using AWS CloudTrail. Additionally, a SysOps administrator must know when CloudTrail log files are modified or deleted.

How should the SysOps administrator meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: A

CloudTrail Log File Integrity Validation:

AWS CloudTrail provides a feature for log file integrity validation to ensure logs have not been modified or deleted.

Steps to Enable and Validate:

Enable Log File Integrity Validation:

Go to the CloudTrail Console.

Select or create a trail.

In the trail settings, enable Log file validation.

Use the AWS CLI for Validation:

Use the following CLI command:

aws cloudtrail validate-logs --trail-name <trail-name>

This command validates the digest files generated by CloudTrail against the log files.

Why Other Options Are Incorrect:

B: Using the AWS CloudTrail Processing Library is unnecessary for validation.

C: CloudTrail Insights is designed to identify unusual activity, not monitor log modifications.

D: Amazon CloudWatch Logs cannot directly monitor CloudTrail logs for integrity.


CloudTrail Log File Validation

AWS CLI Command for Validation

by Delbert at Mar 19, 2025, 01:27 PM

Limited Time Offer

25%

Off

Get Premium SOA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Stanford
7 days ago
I'm pretty sure the correct answer is E) Hire a team of monkeys to watch the logs 24/7. They'll let you know if anything suspicious happens.
upvoted 0 times
...
Bulah
8 days ago
Wait, are we supposed to be validating the logs or creating them? I'm so confused, I might just go with option A and use the AWS CLI.
upvoted 0 times
...
Juliana
9 days ago
D is a good choice. Using Amazon CloudWatch Logs to monitor the log files is a simple and straightforward solution.
upvoted 0 times
...
Lashawnda
14 days ago
Option C with CloudTrail Insights looks promising. Monitoring the logs for modifications directly within CloudTrail could be more efficient than using additional tools.
upvoted 0 times
...
Yolande
18 days ago
I think using CloudTrail Insights to monitor the log files for modifications could be a good approach as well.
upvoted 0 times
...
Fletcher
20 days ago
I believe option B is also a valid choice. Using the AWS CloudTrail Processing Library can help validate the log files.
upvoted 0 times
...
Svetlana
22 days ago
I agree with Annice. Using the AWS CLI to validate the log files is a good way to meet the requirements.
upvoted 0 times
...
Annice
1 months ago
I think the SysOps administrator should enable log file integrity validation.
upvoted 0 times
...
Bettina
1 months ago
I think option B is the way to go. The AWS CloudTrail Processing Library seems like the most robust and secure way to validate the log files.
upvoted 0 times
Darnell
5 days ago
I prefer option D, using Amazon CloudWatch Logs to monitor the log files.
upvoted 0 times
...
Adrianna
17 days ago
I think using the AWS CLI to validate the log files would be more efficient.
upvoted 0 times
...
Dahlia
24 days ago
I agree, option B with the AWS CloudTrail Processing Library sounds like the best choice.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77