The correct answer is C. To ensure that cost usage tags are not modified without authorization in multiple AWS accounts within an AWS Organization, you should use a Service Control Policy (SCP). SCPs allow you to manage permissions for the accounts in your organization. By using an SCP, you can define policies that prevent tag modification and specify exceptions for authorized principals. This provides a centralized and efficient way to enforce these restrictions across all accounts in the organization.