Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Associate
  5. SOA-C01 Discussions
  6. SOA-C01 Exam Topic 3 Question 20 Discussion
 Amazon Web Services Discussions
Exam SOA-C01 All Questions
Exam SOA-C01 All Questions

View all questions & answers for the SOA-C01 exam

Go to Exam

Amazon Web Services AWS Certified Associate SOA-C01 Question # 20 Topic 3 Discussion

SOA-C01 Exam Topic 3 Question 20 Discussion:
Question #: 20
Topic #: 3

A company has several accounts between different teams and wants to increase its auditing and compliance capabilities The accounts are managed through AWS Organizations. Management wants to provide the security team with secure access to the account logs while also restricting the possibility for the logs to be modified.

How can a sysops administrator achieve this is with the LEAST amount of operational overhead?
A.

Store AWS CloudTrail logs in Amazon S3 in each account Create a new account to store compliance data and replicate the objects into the newly created account

B.

Store AWS CloudTrail logs in Amazon S3 in each account. Create an 1AM user with read-only access to the CloudTrail logs

C.

From the master account create an organization trail using AWS CloudTrail and apply it to all Regions Use 1AM roles to restrict access.

D.

Use an AWS CloudFormation stack set to create an AWS CloudTrail trail in every account and restrict permissions to modify the logs

Get Premium SOA-C01 Questions
Actual exam question for Amazon Web Services SOA-C01 exam by Hale27665 at May 1, 2026, 2:33:57 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit