AWS Certified Solutions Architect - Associate

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company has customers located across the world. The company wants to use automation to secure its systems and network infrastructure. The company's security team must be able to track and audit all incremental changes to the infrastructure.

Which solution will meet these requirements?

Other

Community

UAnonymous

Last updated: February 23, 2026 at 11:39

Use AWS Organizations to set up the infrastructure. Use AWS Config to track changes.

Use AWS CloudFormation to set up the infrastructure. Use AWS Config to track changes.

Use AWS Organizations to set up the infrastructure. Use AWS Service Catalog to track changes.

Use AWS CloudFormation to set up the infrastructure. Use AWS Service Catalog to track changes.

Explanation:

Explanation

Correct Answer: B - Use AWS CloudFormation to set up the infrastructure. Use AWS Config to track changes.

Why Option B is Correct:

AWS CloudFormation for Infrastructure Setup:
- AWS CloudFormation is an Infrastructure as Code (IaC) service that allows you to automate the provisioning and management of AWS resources using templates.
- It provides automation capabilities to securely set up systems and network infrastructure.
- CloudFormation templates can be version-controlled, enabling consistent and repeatable deployments across multiple regions worldwide.
AWS Config for Change Tracking and Auditing:
- AWS Config is specifically designed to track and audit configuration changes to AWS resources.
- It provides a detailed inventory of AWS resources and their configuration history.
- AWS Config records incremental changes to resources and provides a timeline of configuration changes.
- It enables compliance auditing and security analysis by showing who made changes, what changes were made, and when they occurred.

Why Other Options are Incorrect:

Option A: AWS Organizations is for managing multiple AWS accounts, not for setting up infrastructure. While AWS Config is correct for tracking changes, Organizations alone doesn't provide infrastructure automation.

Option C: AWS Organizations is for account management, and AWS Service Catalog is for creating and managing catalogs of IT services, not for tracking incremental infrastructure changes.

Option D: While AWS CloudFormation is correct for infrastructure setup, AWS Service Catalog is not designed for tracking and auditing incremental changes. Service Catalog is for managing approved IT services and products.

Key AWS Services Mentioned:

AWS CloudFormation: Infrastructure as Code service for automated provisioning
AWS Config: Configuration management service for tracking resource changes
AWS Organizations: Service for managing multiple AWS accounts
AWS Service Catalog: Service for creating and managing IT service catalogs

This solution provides both the automation needed for global infrastructure deployment and the detailed change tracking required for security auditing.

Powered ByGPT-5.2

Comments

Loading comments...