🔥 3-day streak
AWS Certified Security - Specialty26 / 157
Question 26 of 157
A financial services company runs AWS Control Tower with a multi-account landing zone. The central security team wants to run advanced, custom Security Hub and GuardDuty administration across all member accounts, but the company's compliance policy forbids using the Organizations management account for any day-to-day operational security work. The team needs to grant a dedicated Audit account the ability to centrally manage these security services organization-wide. What is the recommended approach to meet this requirement while following AWS best practices?
Reviewed for accuracy · Report an issueNext question