The quiz states that the answer is "It prevents unauthorized users from accessing your account and launching AWS resources". But, isn’t CloudTrail used for logging/auditing only? I know it can restrict access to logs, but can it also prevent access to an account and stop someone from launching AWS resources?
Good to see you realized the correct answer.
I read this question wrong. For some reason the capitalized "NOT" did not register with me. I’ve been studying too much. Time to take a break. Thanks!