AWS Certified SysOps Administrator – Associate — Question 357

A SysOps administrator has noticed millions of LIST requests on an Amazon S3 bucket.

Which services or features can the administrator use to investigate where the requests are coming from? (Choose two.)

Answer options

• A. AWS CloudTrail data events
• B. Amazon EventBridge
• C. AWS Health Dashboard
• D. Amazon S3 server access logging
• E. AWS Trusted Advisor

Correct answer: A, D

Explanation

AWS CloudTrail data events log detailed bucket-level API actions, including the IP address and IAM identity of the requester for S3 LIST operations. Similarly, Amazon S3 server access logging captures detailed records of all requests made to a bucket, allowing administrators to analyze the source of the traffic. Other services like EventBridge, AWS Health Dashboard, and Trusted Advisor do not provide the detailed, request-level source tracking needed for this investigation.