Explanation:
AWS CloudTrail is designed to log all API calls made to AWS services, providing detailed records that can be crucial for root cause analysis during a security incident. CloudWatch is more focused on monitoring and alarms, AWS Config records configuration changes, and GuardDuty is an intrusion detection service.
Ultimate access to all questions.
During a security incident, you need to perform root cause analysis to understand how the breach occurred. Which AWS service would you use to review detailed logs of API calls made to AWS services?
A
AWS CloudTrail
B
Amazon CloudWatch
C
AWS Config
D
Amazon GuardDuty
No comments yet.