CloudTrail

Question 1

What does cloud trail do?

Answer 1

Records and tracks all API requests within your AWS account.

Question 2

Cloud trail requests can be initiated from.

Answer 2

SDKs
AWS CLI
AWS Mangement Console
AWS Services

Question 3

How often are cloud trail logs created?

Answer 3

Every five minutes.

Question 4

Where are cloud trail logs stored?

Answer 4

S3

Question 5

If you want to monitor cloud trail logs automatically. What service will help you do this?

Answer 5

Cloud watch Logs.

Question 6

What format are log files?

Answer 6

JSON

Question 7

How long does it take for cloud trail logs to appear in S3?

Answer 7

Up to an hour.

Question 8

What are the steps to merge cloudtrails from multiple accounts, into one?

Answer 8

1. Create a role in the primary account
2. Attatch a cross account read only role
3. Assign a user in the secondary account with the correct policy

Question 9

What is the purpose of cloud trail digest files?

Answer 9

They help you verify your logs and make sure they have not been tampered with.

Question 10

How often are cloud trail digest files created?

Answer 10

Hourly.

Question 11

Cloud trail digest logs are signed with a private key pair. True or false?

Answer 11

True

Question 12

If you enable cloud trail for all regions. And AWS adds a region. Is this new region automatically included?

Answer 12

Yes