CloudTrail Flashcards

This deck aims to help retain concepts related to the AWS CloudTrail service. (16 cards)

1
Q

What is the default data retention period for the CloudTrail service?

A

90 days

2
Q

Which CloudTrail component allows logs to be delivered to S3, CloudWatch Logs, or CloudWatch Events?

A

Trail

3
Q

Is CloudTrail a real-time solution?

A

No, logs usually take up to 15 minutes to deliver

4
Q

In which region are CloudTrail log events recorded for global services such as IAM, SNS, and CloudFront?

A

These events are logged in the us-east-1 region; only global trails can catch these logs

5
Q

Which types of events does CloudTrail log?

A
  • Management events
  • Data events
  • Insight events
6
Q

Which type of CloudTrail events provides information known as control plane operations (e.g., resource creation, policy attachment)?

A

Management events

7
Q

Which type of events does CloudTrail log by default?

A

Management events only

8
Q

Which type of CloudTrail events provides information known as data plane operations (e.g., object deletion from an S3 bucket, SNS publish)?

A

Data events

9
Q

Which type of CloudTrail events provides information on UNUSUAL API call rates or error rate activity (e.g., an account typically logs 20 deleteBucket API calls, but starts to log an average of 100 deleteBucket API calls)?

A

Insight events

10
Q

How can you stop incurring charges for an AWS CloudTrail Trail?

A

By deleting the trail or temporarily stopping logging

11
Q

What is required for an AWS S3 bucket owner to receive AWS CloudTrail object access logs?

A

The S3 bucket owner must also be the object owner or have permissions through the object ACL

12
Q

Which AWS CloudTrail feature ensures delivered log files haven’t been modified by generating digitally signed hashes and digest files?

A

Log file integrity validation

13
Q

What is the purpose of AWS CloudTrail log file integrity validation?

A

Verify log integrity and detect unauthorized changes

14
Q

How are the digest files used for AWS CloudTrail log integrity validation encrypted?

A

SSE‑S3 (Amazon S3‑managed encryption keys)

15
Q

Which type of CloudTrail trail collects events from all AWS Organizations member accounts?

A

Organization trail

16
Q

How can an organization trail deliver logs to an S3 bucket in a member account without additional cross‑account access?

A

Bucket ARNs must be specified in the trail configuration