Answer-first summary for fast verification
Answer: AWS CloudTrail
AWS CloudTrail is designed to log all API calls made to AWS services, providing detailed records that can be crucial for root cause analysis during a security incident. CloudWatch is more focused on monitoring and alarms, AWS Config records configuration changes, and GuardDuty is an intrusion detection service.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
During a security incident, you need to perform root cause analysis to understand how the breach occurred. Which AWS service would you use to review detailed logs of API calls made to AWS services?
A
AWS CloudTrail
B
Amazon CloudWatch
C
AWS Config
D
Amazon GuardDuty