A company has a forensic logging use case whereby several hundred applications running on Docker on EC2 need to send logs to a central location. The SecurityEngineer must create a logging solution that is able to perform real-time analytics on the log files, grants the ability to replay events, and persists data.Which AWS Services, together, can satisfy this use case? (Choose two.)
Which of the following is the most efficient way to automate the encryption of AWS CloudTrail logs using a Customer Master Key (CMK) in AWS KMS?
An organization is using AWS CloudTrail, Amazon CloudWatch Logs, and Amazon CloudWatch to send alerts when new access keys are created. However, the alerts are no longer appearing in the Security Operations mail box.Which of the following actions would resolve this issue?
A Security Engineer must add additional protection to a legacy web application by adding the following HTTP security headers:-Content Security-Policy-X-Frame-Options-X-XSS-ProtectionThe Engineer does not have access to the source code of the legacy web application.Which of the following approaches would meet this requirement?
During a security event, it is discovered that some Amazon EC2 instances have not been sending Amazon CloudWatch logs.Which steps can the Security Engineer take to troubleshoot this issue? (Choose two.)
The Security team believes that a former employee may have gained unauthorized access to AWS resources sometime in the past 3 months by using an identified access key.What approach would enable the Security team to find out what the former employee may have done within AWS?
