SCS-C03 · Question #143
SCS-C03 Question #143: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #143. The question stem and answer options stay visible for context.
Question
A company uses an organization in AWS Organizations to manage its 250 member accounts. The company also uses AWS IAM Identity Center with a SAML external identity provider (IdP). IAM Identity Center has been delegated to a member account. The company's security team has access to the delegated account. The security team has been investigating a malicious internal user who might be accessing sensitive accounts. The security team needs to know when the user logged into the organization during the last 7 days. Which solution will quickly identify the access attempts?
Options
- AIn the delegated account, use Amazon CloudWatch Logs to search for events that match the user
- BIn each member account, use the IAM Identity Center console to search for events that match the
- CIn the external IdP, use Amazon EventBridge to search for events that match the user details for
- DIn the organization's management account, use AWS CloudTrail to search for events that match
Unlock SCS-C03 to see the answer
You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.