Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 419 discussion

option D meets the requirements of providing a centralized view of the security state of all accounts: Centralized view: AWS Security Hub provides a unified view of security findings across multiple AWS services and accounts, making it easy to monitor the security posture of your organization. Delegated administration: By designating one account as the delegated administrator for Security Hub, you can centralize the management of Security Hub across all accounts in the organization. Integration with AWS Organizations: Enabling Security Hub at the organization level allows you to see the security findings from all member accounts in a single view.

Option D: Enable AWS Security Hub and use Central Configuration for multiple AWS account and delegated Sec Hub Admin. "Central configuration is a Security Hub feature that helps you set up and manage Security Hub across multiple AWS accounts and AWS Regions & From the delegated Security Hub administrator account, you can specify how the Security Hub service, security standards, and security controls are configured in your organization accounts and organizational units (OUs) across Regions" (1) https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html (2) https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-setup-prereqs.html

Option D

centralized view == security hub

D https://aws.amazon.com/blogs/mt/centralized-dashboard-for-aws-config-and-aws-security-hub/

Correct Answer A https://aws.amazon.com/blogs/mt/extend-aws-control-tower-governance-using-aws-config-conformance-packs/

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_delegated_admin.html

Correct Answer is D