AWS Certified Cloud Practitioner (CLF-C02) — Question 705

Which AWS service or feature supports governance, compliance, and risk auditing of AWS accounts?

Answer options

• A. Multi-factor authentication (MFA)
• B. AWS Lambda
• C. Amazon Simple Notification Service (Amazon SNS)
• D. AWS CloudTrail

Correct answer: D

Explanation

AWS CloudTrail is the primary service for auditing, compliance, and governance because it records API calls and account activity across your AWS infrastructure. In contrast, Multi-factor authentication (MFA) is a security access control, AWS Lambda is a serverless compute service, and Amazon Simple Notification Service (Amazon SNS) is a messaging service, none of which provide comprehensive audit logging.