AmazonAmazon
SCS-C02 · Question #233
SCS-C02 Question #233: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #233. The question stem and answer options stay visible for context.
Submitted by amina.ke· Mar 6, 2026
Question
A company has configured an organization in AWS Organizations for its AWS accounts. AWS CloudTrail is enabled in all AWS Regions. A security engineer must implement a solution to prevent CloudTrail from being disabled. Which solution will meet this requirement?
Options
- AEnable CloudTrail log file integrity validation from the organization's management account.
- BEnable server-side encryption with AWS KMS keys (SSE-KMS) for CloudTrail logs. Create a
- CCreate an SCP that includes an explicit Deny rule for the StopLogging action and the DeleteTrail
- DCreate IAM policies for all the company's users to prevent the users from performing the
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.