New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A company has configured an organization in AWS Organizations for its AWS accounts.

  1. Home
  2. Amazon Web Services
  3. AWS Certified Specialty
  4. SCS-C02
  5. SCS-C02 Questions
  6. AWS Certified Security - Specialty Practice Questions

A company has configured an organization in AWS Organizations for its AWS accounts. AWS CloudTrail is enabled in all AWS Regions. A security engineer must implement a solution to prevent CloudTrail from being disabled. Which solution will meet this requirement?

A.

Enable CloudTrail log file integrity validation from the organization's management account.

B.

Enable server-side encryption with AWS KMS keys (SSE-KMS) for CloudTrail logs. Create a KMS key Attach a policy to the key to prevent decryption of the logs

C.

Create an SCP that includes an explicit Deny rule for the StopLogging action and the DeleteTrail action. Attach the SCP to the root OU.

D.

Create 1AM policies for all the company's users to prevent the users from performing the DescribeTrails action and the GetTrailStatus action.

Amazon Web Services SCS-C02 View All Questions

Amazon Web Services SCS-C02 Summary

  • Vendor: Amazon Web Services
  • Product: SCS-C02
  • Update on: Dec 19, 2025
  • Questions: 467
Price: $52.5  $149.99
Buy Now SCS-C02 PDF + Testing Engine Pack
Next
A security team is developing an application on an Amazon EC2 instance to get objects...
A security engineer is implementing authentication for a multi-account environment by using federated access with...
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2025 examsvce.com. All Rights Reserved
mcafee secure

TESTED 19 Dec 2025