Correct Answer: B.
Option A is incorrect.
AWS Config works with rules.
An Organization may have defined various compliance rules for various AWS services.
These rules can be defined in AWS Config and data aggregated centrally for measuring compliance.
Option B is CORRECT.
AWS Organizations helps configure policies related to different services centrally.
Also known as Service Control Policies (SCP), they can be defined for your entire Organization.
As an example if you have configured a central logging of all API calls using CloudTrail, member accounts cannot override that policy using IAM policies.
Option C is incorrect.
AWS Inspector automates DevSecOps in the cloud by detecting security vulnerabilities in EC2 workloads.
Option D is incorrect.
Only AWS Organizations have the ability to provide a central management of all my AWS accounts.
