AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Explain how you would prepare AWS services for an incident, specifically focusing on protecting and preserving forensic artifacts. Describe the use of S3 Object Lock, isolated forensic accounts, S3 Lifecycle, and S3 replication in this process.
Explain how you would prepare AWS services for an incident, specifically focusing on protecting and preserving forensic artifacts. Describe the use of S3 Object Lock, isolated forensic accounts, S3 Lifecycle, and S3 replication in this process.
Simulated
Explanation:
Preparing for an incident involves ensuring that forensic artifacts are securely stored and cannot be altered. Using an isolated forensic account enhances security by isolating sensitive data. S3 Object Lock provides immutability, ensuring that the data cannot be altered or deleted. Replicating these artifacts to another region using S3 replication ensures high availability and disaster recovery capabilities.