For Individuals For Educators

Ace your certifications with Practice Exams and AI assistance.

Browse Exams
For Educators
Blog

Privacy Policy
Terms of Service
Cookie Policy
Support

AWS SAA Exam Prep
PMI PMP Exam Prep
CPA Exam Prep
GCP PCA Exam Prep

© 2026 TinyHive Labs. Company number 16262776.

Practice AWS Solutions Architect Professional (SAP-C02)AWS Solutions Architect Professional SAP-C02 Practice Exam 3Question 28

Medium1 markMultiple Choice

Domain 1.4: Multi-Account EnvironmentSecurityCloudTrailOrganizations

AWS SAP-C02 · Question 28 · Domain 1.4: Multi-Account Environment

A company has a centralized logging account. They want to ensure that AWS CloudTrail logs from all 100 member accounts in their Organization are sent to an S3 bucket in the logging account, and member account admins cannot disable this. What is the BEST solution?

Answer options:

A.

Create a CloudTrail trail in each account and configure cross-account S3 permissions.

B.

Create an Organization Trail in the management account.

C.

Use AWS Config to enforce CloudTrail enablement.

D.

Use an SCP to deny the cloudtrail:StopLogging action.

How to approach this question

Identify the centralized logging feature of AWS Organizations.

Full Answer

B.Create an Organization Trail in the management account.✓ Correct

An Organization Trail logs all events for all AWS accounts in the organization and prevents member accounts from modifying it.

Common mistakes

Relying on individual trails + SCPs instead of the native Organization Trail.

Question 27 All questions Question 29

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 3

75 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01An enterprise has 100 VPCs across 5 AWS Regions. They need to establish a highly available, trans...Hard Q02A company uses AWS Organizations. The CISO requires that no EC2 instances can be launched outside...Medium Q03An application uses Amazon Aurora PostgreSQL. To meet disaster recovery requirements, the databas...Hard Q04A company is setting up a new multi-account AWS environment. They want to automate the creation o...Medium Q05An organization wants to allocate AWS costs to specific departments. They use multiple AWS accoun...Medium

View all 75 questions →