AWS Certified Security – Specialty SCS-C01 – Question284

A company's security team suspects that an insider threat is present. The security team is basing its suspicion on activity that occurred in one of the company's AWS accounts. The activity was performed with the AWS account root user credentials. The root user has no access keys. The company uses AWS Organizations, and the account where the activity occurred is in an OU.
A security engineer needs to take away the root user's ability to make any updates to the account. The root user password cannot be changed to accomplish this goal.
Which solution will meet these requirements?

A.
Attach the following SCP to the account:

B. Attach the following SCP to the account:

C. Attach the following SCP to the account:

D. Attach the following inline IAM policy to the root user:

Correct Answer: C