Home › AWS Security › cloudcomputing › scsloggingmon › Which CloudTrail feature lets a security enginee…
Which CloudTrail feature lets a security engineer DETECT unusual API-call patterns (e.g. spike in IAM CreateRole, unusual region activity) using ML — different from regular API logging?
ADisabling CloudTrail
BAWS Snowball
CCloudTrail Insights
DAmazon Route 53
Answer & Solution
Correct answer: C. CloudTrail Insights
CloudTrail Insights is the ML-anomaly feature on CloudTrail (per SCS-C02 §2.5). The other options are unrelated.
Related questions
Which AWS feature lets a security engineer aggregate AWS Config findings across all accounA security engineer notices CloudWatch alarms aren't firing for an application metric. WhiWhich AWS service streams logs in near-real-time to OpenSearch / S3 / Redshift / Splunk foWhich AWS service is BEST suited for monitoring Application Load Balancer access logs at pAn architect needs a CENTRALISED, immutable, write-once log archive across all AWS accountWhich AWS service lets a security engineer query CloudWatch Logs with a purpose-built querWhich CloudWatch feature converts a regex pattern in log events into a metric — used to alWhich AWS service stores log data with subscription filters, metric filters, and integrati