Check whether any application log entries were rejected because of invalid time stamps by reviewing / var/cwlogs/rejects.log. Check that the trust relationship grants the service “cwlogs.amazonaws” permission to write objects to the Amazon S3 staging bucket. Verify that the time zone on the application servers is in UT 15. A Security Engineer must design a solution that enables the incident Response team to audit for changes to a user’s IAM permissions in the case of a security incident. How can this be accomplished? Use AWS Config to review the IAM policy assigned to users before and after the incident. Run the GenerateCredentialReport via the AWS CLI, and copy the output to Amazon S3 daily for auditing purposes. Copy AWS CloudFormation templates to S3, and audit for changes from the template. Use Amazon EC2 Systems Manager to deploy images, and review AWS CloudTrail logs for changes. 16. A company has complex connectivity rules governing ingress, egress, and communications between Amazon EC2 instances.
Click Here More Info >>>>>