SAA-C03 Design Secure Architectures • Set 2
SAA-C03 Design Secure Architectures Practice Test 2 — 15 questions with explanations. Free, no signup.
A team wants detective controls to investigate suspected exfiltration from an S3 bucket. They need to know when objects are accessed (GetObject) and also when new encrypted objects are written.
They already enabled AWS CloudTrail for management events, but their investigation shows no visibility into object-level reads/writes in the logs they review.
Which CloudTrail configuration change most directly provides the missing object-level visibility?