Certified Security - Specialty

Sign Up Free or Log In to participate!

Re the ‘CloudTrail: Restrict access’ slide:

I just wanted to be clear on the last point on the slide which reads:

Validate that logs have not been deleted using log file validation

The point here, as I understand it, is that given the log file bundle delivered from CloudTrail is checksummed/hashed in its entirety, deleting a log file from the bundle will invalidate that checksum value, correct?

Ah, never mind, you talk about the digest file delivered with the log files in a subsequent slide … 🙂

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?