AWS Certified Cloud Practitioner (CLF-C02) — Question 176

A company needs to centrally configure and manage Amazon VPC security groups across multiple AWS accounts within an organization in AWS Organizations.

Which AWS service should the company use to meet these requirements?

Answer options

• A. AWS Firewall Manager
• B. Amazon GuardDuty
• C. Amazon Detective
• D. AWS WAF

Correct answer: A

Explanation

AWS Firewall Manager is specifically designed for managing security policies across multiple AWS accounts, making it the best choice for configuring VPC security groups centrally. The other options, such as Amazon GuardDuty and Amazon Detective, are focused on threat detection and investigation, while AWS WAF is centered on web application firewall capabilities, none of which directly address the management of VPC security groups.