Which AWS feature helps centralize and aggregate security and audit logs from multiple accounts?

Multiple Choice

Which AWS feature helps centralize and aggregate security and audit logs from multiple accounts?

Explanation:
Centralized log collection across multiple AWS accounts is achieved with AWS CloudTrail Organization Trails that deliver to a central log sink. By enabling an organization-wide trail, API activity from every account in the AWS Organization is recorded and written to a single S3 bucket (the central log sink) in the designated account. You can also stream these logs to CloudWatch Logs for real-time monitoring. This setup provides a single, auditable repository of security and event data across all accounts, simplifying investigations, compliance, and governance.

Other options don’t fit because they don’t aggregate security and audit logs across accounts: AWS Config multi-account configuration focuses on configuration history and compliance data rather than API activity logs; Amazon Macie is for discovering sensitive data in S3; AWS GuardDuty is a threat-detection service that analyzes logs but does not centralize logs across accounts.
