SOA-C03 · Question #32
SOA-C03 Question #32: Real Exam Question with Answer & Explanation
Sign in or unlock SOA-C03 to reveal the answer and full explanation for question #32. The question stem and answer options stay visible for context.
Question
A multinational company uses an organization in AWS Organizations to manage over 200 member accounts across multiple AWS Regions. The company must ensure that all AWS resources meet specific security requirements. The company must not deploy any EC2 instances in the ap-southeast-2 Region. The company must completely block root user actions in all member accounts. The company must prevent any user from deleting AWS CloudTrail logs, including administrators. The company requires a centrally managed solution that the company can automatically apply to all existing and future accounts. Which solution will meet these requirements?
Options
- ACreate AWS Config rules with remediation actions in each account to detect policy violations.
- BEnable AWS Security Hub across the organization. Create custom security standards to enforce
- CUse AWS Control Tower for account governance. Configure Region deny controls. Use Service
- DConfigure AWS Firewall Manager with security policies to meet the security requirements. Use an
Unlock SOA-C03 to see the answer
You've previewed enough free SOA-C03 questions. Unlock SOA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.