AmazonAmazon
SCS-C03 · Question #144
SCS-C03 Question #144: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #144. The question stem and answer options stay visible for context.
Submitted by diego_uy· Mar 6, 2026
Question
A company has configured an organization in AWS Organizations for its AWS accounts. AWS CloudTrail is enabled in all AWS Regions. A security engineer must implement a solution to prevent CloudTrail from being disabled. Which solution will meet this requirement?
Options
- AEnable CloudTrail log file integrity validation from the organization's management account.
- BEnable server-side encryption with AWS KMS keys (SSE-KMS) for CloudTrail logs. Create a
- CCreate a service control policy (SCP) that includes an explicit Deny rule for the
- DCreate IAM policies for all the company's users to prevent the users from performing the
Unlock SCS-C03 to see the answer
You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.