CLF-C02 Domain 2: Security and Compliance

AWS CloudTrail is used to:

Multiple choice — select one answer

Answer choices

  1. a. Threat detection based on logs and activity, using shared credentials instead of individual accountability.
  2. b. Log API activity across your AWS account
  3. c. Centrally configure WAF rules across accounts, using shared credentials instead of individual accountability.
  4. d. Store static website assets, while leaving refresh tokens and OAuth consent grants active pending user callback

Architectural breakdown & explanation

CloudTrail records AWS API calls for auditing and governance.

Correct answer(s): b. Log API activity across your AWS account

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.