Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Security Certification > Logging and Monitoring > Flashcards

Logging and Monitoring Flashcards

1
Q

Does Cloudtrail log RDP and SSH sessions ?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What three activities does cloud trail enable ?

A
  • After the fact investigation
  • Near Real Time Intrusion Detection
  • Industry and Regulatory Compliance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is logged by Cloudtrail

A
  1. Metadata around API Calls
  2. Identity of API Caller
  3. Time of API Call
  4. Source IP Address of Caller
  5. Request Parameters
  6. Response
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Who manages the retention of the Cloudtrail S3 bucket ?

A

You

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the potential delay in delivering Cloud trail results to the S3 bucket ?

A

15 mins

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Can Cloudtrail logs be aggregated across accounts ?

A

yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What management events options are available when setting up Cloudtrail

A
  1. All
  2. Read
  3. Write
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the Data Events options available to setting up Cloudtrail ?

A

The ability to see changes to S3 individual data items

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

When setting up cloudtrail what are the advanced settings available to you ?

A
  • Encryption
  • Log File Prefix
  • Encryption Validation
  • SNS for Log file Delivery
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How do you validate cloudtrail logs ?

A

By using the digest files

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Why should you consider protecting your cloud trail logs ?

A

Cloudtrail logs can contain PII data as well as confidential configuration data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How can you protect cloudtrail data

A

IAM Bucket policies to restrict who has access and then SSE-S3 or SSE-KMS encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What AWS Managed policies are there for CloudTrail ?

A

FullAccess and ReadOnly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the three main elements of CloudWatch ?

A

Events, Logs and Cloudwatch itself

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the main elements of Cloudwatch ?

A
  1. Realtime
  2. Metrics
  3. Alarms
  4. Notifications
  5. Custom Metrics
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Can Cloudwatch store custom application logs ?

17
Q

What are the two types of Events we can create ?

A

Scheduled and Event Pattern

18
Q

What are the two main differences between AWS Config and Prowler ?

A

Historical analysis replay and remediation

19
Q

What are Config custom rules ?

A

Rules that can be written that can interact with AWS Lambda

20
Q

What is a config conformance pack ?

A

A yaml collection of rules that can be deployed as a single unit

21
Q

What are the three options for AWS Config aggregators ?

A

Multiple Accounts Multiple Regions

Single account multiple regions

Org all accounts

AWS Security Certification (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions