Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Security – Specialty Misleading statement about CloudTrail and CloudWatch Logs Reply To: Misleading statement about CloudTrail and CloudWatch Logs

  • Jon-Bonso

    Administrator
    May 5, 2020 at 8:12 am

    Hi Mark,

    Thank you so much for bringing this up to our attention. I stand corrected, the rationale should say that CloudWatch can satisfy the requirement, but entails an additional cost (which is explicitly prohibited in the scenario).

    I have updated the explanation as follows:

    The option that says: Filter the CloudTrail data using the Amazon CloudWatch Logs console to track the user activity is incorrect because although you can use CloudWatch to view and search the API history of the access key within 90 days, this option entails an additional cost and extra steps to associate CloudWatch Logs to CloudTrail. Remember that the scenario mandates that the investigation should be done quickly and shouldn’t entail an additional cost.

    The change will be reflected in our practice tests soon. I appreciate your time sharing this constructive feedback. Let us know if you need further assistance. The Tutorials Dojo team is dedicated to help you pass your AWS exam on your first try!

    Regards,

    Jon Bonso @ Tutorials Dojo

    • This reply was modified 3 years, 10 months ago by  Jon-Bonso.