試験AIF-C01-JPN トピック4 問題92 スレッド

AWS CloudTrail is a service that enables governance, compliance, and operational and risk auditing of your AWS account. It tracks API calls and identifies unauthorized access attempts to AWS resources, including Amazon Bedrock.
* AWS CloudTrail:
* Provides detailed logs of all API calls made within an AWS account, including those to Amazon Bedrock.
* Can identify unauthorized access attempts by logging and monitoring the API calls, which helps in setting appropriate IAM policies and roles.
* Why Option B is Correct:
* Monitoring and Security: CloudTrail logs all access requests and helps detect unauthorized access attempts.
* Auditing and Compliance: The logs can be used to audit user activity and enforce security measures.
* Why Other Options are Incorrect:
* A. AWS Audit Manager: Used for automating audit preparation, not for tracking real-time unauthorized access attempts.
* C. Amazon Fraud Detector: Designed to detect fraudulent online activities, not unauthorized access to AWS services.
* D. AWS Trusted Advisor: Provides best practice recommendations for AWS resources, not access monitoring.
Thus, B is the correct answer for identifying unauthorized users attempting to access Amazon Bedrock.