AWS Certified Cloud Practitioner (CLF-C02) — Question 357

An Amazon EC2 instance previously used for development is inaccessible and no longer appears in the AWS Management Console.

Which AWS service should be used to determine what action made this EC2 instance inaccessible?

Answer options

• A. Amazon CloudWatch Logs
• B. AWS Security Hub
• C. Amazon Inspector
• D. AWS CloudTraiI

Correct answer: D

Explanation

AWS CloudTrail records API activity and history for your AWS account, allowing you to identify which user or role made the API call to terminate or modify the EC2 instance. Amazon CloudWatch Logs monitors application and system logs but does not track AWS management events, while Amazon Inspector and AWS Security Hub are designed for vulnerability scanning and security compliance rather than activity auditing.