SCS-C02 Security Logging and Monitoring • Set 17
SCS-C02 Security Logging and Monitoring Practice Test 17 — 15 questions with explanations. Free, no signup.
A security engineer is investigating a potential compromise. They notice that an IAM user 'svc-backup' has been making unusual API calls from an IP address outside the company's VPC. The engineer wants to ensure all future API calls from this user are logged with full event details. However, the current CloudTrail trail is set to log only management events. What should the engineer do to capture the required details?