A company's AWS CloudTrail logs are all centrally stored in an Amazon S3 bucket. The security team controls the company's AWS account. The security team must prevent unauthorized access and tampering of the CloudTrail logs. Which combination of steps should the security team take? (Choose three.) A. Configure server-side encryption with AWS KMS managed encryption keys (SSE-KMS). B. Compress log files with secure gzip. C. Create an Amazon EventBridge rule to notify the security team of any modifications on CloudTrail log files. D. Implement least privilege access to the S3 bucket by configuring a bucket policy. E. Configure CloudTrail log file integrity validation. F. Configure Access Analyzer for S3.  Suggested Answer: ADE Community Answer: ADE This question is in SCS-C02 AWS Certified Security – Specialty Exam For getting AWS Certified Security – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer