AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which AWS service is used to track, record, and audit configuration changes made to AWS resources?
Real Exam
Community
RRitesh
A
AWS Shield
B
AWS Config
C
AWS IAM
D
Amazon Inspector
Explanation:
Explanation:
AWS Config is the correct service for tracking, recording, and auditing configuration changes to AWS resources. Here's why:
Key Features of AWS Config:
-
Configuration History: Maintains a detailed history of configuration changes for AWS resources
-
Compliance Monitoring: Continuously monitors and records resource configurations
-
Change Tracking: Provides visibility into how resources are configured and how they change over time
-
Audit Trail: Creates an audit trail of configuration changes for security and compliance purposes
Why other options are incorrect:
-
AWS Shield: This is a managed DDoS protection service, not for configuration tracking
-
AWS IAM: Identity and Access Management service for controlling access to AWS resources, not for configuration change tracking
-
Amazon Inspector: Automated security assessment service that checks for security vulnerabilities, not for configuration change auditing
Use Cases for AWS Config:
-
Security Compliance: Ensure resources comply with security policies
-
Change Management: Track who made changes and when
-
Troubleshooting: Identify configuration changes that may have caused issues
-
Audit Requirements: Meet regulatory and compliance audit requirements
AWS Config helps organizations maintain visibility and control over their AWS resource configurations, making it essential for governance and compliance.
Comments
Loading comments...