AWS Certified Cloud Practitioner — Question 587

Which AWS services allow users to monitor and retain records of account activities that include governance, compliance, and auditing? (Choose two.)

Answer options

• A. Amazon CloudWatch
• B. AWS CloudTrail
• C. Amazon GuardDuty
• D. AWS Shield
• E. AWS WAF

Correct answer: A, B

Explanation

AWS CloudTrail records and retains account activity related to actions across your AWS infrastructure, providing a crucial audit trail for compliance and governance. Amazon CloudWatch complements this by collecting, monitoring, and storing log files and performance metrics from AWS resources. The other services (Amazon GuardDuty, AWS Shield, and AWS WAF) are security-focused tools designed for threat detection, DDoS protection, and web application filtering, not for general account auditing and activity logging.