🔥 3-day streak
AWS Certified Advanced Networking - Specialty137 / 141
Question 137 of 141
A financial services company must retain AWS WAF web ACL logs for a compliance audit. Requirements state that all WAF traffic logs must be captured, encrypted at rest with a customer-managed KMS key, and delivered to a central logging account's S3 bucket. The security team enables WAF logging directly to an Amazon S3 bucket in the same account, but the auditor rejects the setup because logs are not encrypted with the company's customer-managed key and are not centralized. Which configuration meets all requirements?
Reviewed for accuracy · Report an issueNext question