Answer-first summary for fast verification
Answer: AWS Control Tower
AWS Control Tower is the correct answer because it provides a comprehensive solution for setting up and governing a secure, multi-account AWS environment following AWS best practices and the AWS Well-Architected Framework. Key reasons: - **AWS Organizations Integration**: Control Tower works seamlessly with AWS Organizations to manage multiple AWS accounts - **Security Best Practices**: It automatically implements security guardrails and compliance controls based on AWS Well-Architected Framework principles - **Multi-Account Governance**: Provides centralized governance across all accounts in the organization - **Automated Setup**: Automates the setup of a secure landing zone with pre-configured security and compliance controls The other options: - **Amazon Macie**: A data security service that uses machine learning to discover and protect sensitive data - **Amazon Detective**: A security service that helps analyze, investigate, and identify the root cause of security issues - **AWS Secrets Manager**: A service to securely store, retrieve, and manage secrets like database credentials and API keys Only AWS Control Tower provides the comprehensive governance framework needed to apply security best practices across all AWS accounts in an organization.
Author: Ritesh Yadav
Ultimate access to all questions.
A company uses AWS Organizations. The company wants to apply security best practices from the AWS Well-Architected Framework to all of its AWS accounts.
Which AWS service will meet these requirements?
A
Amazon Macie
B
Amazon Detective
C
AWS Control Tower
D
AWS Secrets Manager
No comments yet.