Which of the following are true regarding AWS CloudTrail? Choose 3 answers
A. CloudTrail is enabled globally
B. CloudTrail is enabled by default
C. CloudTrail is enabled on a per-region basis
D. CloudTrail is enabled on a per-service basis.
E. Logs can be delivered to a single Amazon S3 bucket for aggregation.
F. CloudTrail is enabled for all available services within a region.
G. Logs can only be processed and delivered to the region in which they are generated.
Explanation:
A: You can have a trail with the Apply trail to all regions option enabled.
C: You can have multiple single region trails.
E: Log files from all the regions can be delivered to a single S3 bucket.
Global service events are always delivered to trails that have the Apply trail to all regions
option enabled. Events are delivered from a single region to the bucket for the trail. This
setting cannot be changed.
If you have a single region trail, you should enable the Include global services option.
If you have multiple single region trails, you should enable the Include global services option
in only one of the trails.
D Incorrect: once enabled, it is applicable to all the supported services; a service can't be selected.
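An added example (not part of the original page and not AWS code): a Python check that applies the rules in the explanation above to trail descriptions shaped like the `trailList` returned by `aws cloudtrail describe-trails`. The sample trails, bucket names and the `active_regions` parameter are constructed assumptions.

```python
# Constructed sample, shaped like "trailList" from `aws cloudtrail describe-trails`.
SAMPLE_TRAILS = [
    {"Name": "eu-trail", "HomeRegion": "eu-west-1", "IsMultiRegionTrail": False,
     "IncludeGlobalServiceEvents": True, "S3BucketName": "org-cloudtrail-logs"},
    {"Name": "us-trail", "HomeRegion": "us-east-1", "IsMultiRegionTrail": False,
     "IncludeGlobalServiceEvents": True, "S3BucketName": "org-cloudtrail-logs"},
    {"Name": "ap-trail", "HomeRegion": "ap-southeast-2", "IsMultiRegionTrail": False,
     "IncludeGlobalServiceEvents": False, "S3BucketName": "ap-team-logs"},
]


def audit_trails(trails, active_regions):
    """Return findings (list of str) for a list of trail descriptions.

    active_regions is an assumed input: the regions the account actually uses.
    """
    findings = []
    multi = [t for t in trails if t.get("IsMultiRegionTrail")]
    single = [t for t in trails if not t.get("IsMultiRegionTrail")]

    # Per-region coverage: without an all-regions trail, every region in use
    # needs its own single-region trail.
    if not multi:
        covered = {t["HomeRegion"] for t in single}
        for region in sorted(set(active_regions) - covered):
            findings.append(f"no trail records region {region}")

    # Global service events: all-regions trails always receive them; among
    # single-region trails only one should include them.
    with_global = sorted(t["Name"] for t in single
                         if t.get("IncludeGlobalServiceEvents"))
    if not multi and not with_global:
        findings.append("global service events are not recorded by any trail")
    if len(with_global) > 1:
        findings.append("global service events duplicated in: " + ", ".join(with_global))

    # Aggregation: all trails can deliver to one S3 bucket.
    buckets = sorted({t["S3BucketName"] for t in trails})
    if len(buckets) > 1:
        findings.append("logs are split across buckets: " + ", ".join(buckets))
    return findings


if __name__ == "__main__":
    for finding in audit_trails(SAMPLE_TRAILS, ["eu-west-1", "us-east-1",
                                                "ap-southeast-2", "sa-east-1"]):
        print("FINDING:", finding)
```
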
14 AUG 2017
The key features of AWS CloudTrail are:
Always On: enabled on all AWS accounts and records your account activity upon account creation without the need to configure CloudTrail
Event History: view, search, and download your recent AWS account activity
Management Level Events: get details of administrative actions such as creation, deletion, and modification of EC2 instances or S3 buckets
Data Level Events: record all API actions on Amazon S3 objects and receive detailed information about API actions
Log File Integrity Validation: validate the integrity of log files stored in your S3 bucket
Log File Encryption: by default, the service encrypts all log files delivered to your S3 bucket using S3 server-side encryption (SSE), with the option to encrypt log files with AWS Key Management Service (AWS KMS) as well
Multi-region Configuration: configure service to deliver log files from multiple regions
For more info
https://aws.amazon.com/blogs/aws/new-amazon-web-services-extends-cloudtrail-to-all-aws-customers/