A company needs to identify the last time that a specific user accesse (CLF-C02)

Correct answer: B. AWS CloudTrail.
AWS CloudTrail is a service that provides a record of all API calls made within your AWS account, including console sign-in events. This includes information about the user who made the call, the time the call was made, and the resources that were accessed.

CloudTrail provides a detailed history of all API calls, including:
Console sign-in events, including the time and date of the last sign-in
API calls made by users, roles, and services
Resource changes, such as creating or deleting resources
The other options are not correct because:

Amazon Cognito is a service that provides user identity and access management for web and mobile applications, but it does not provide information about AWS Management Console access.
Amazon Inspector is a service that provides automated security assessments and compliance checks for AWS resources, but it does not provide information about user access to the AWS Management Console.
Amazon GuardDuty is a service that provides threat detection and monitoring for AWS resources, but it does not provide information about user access to the AWS Management Console.
By using CloudTrail, the company can easily identify the last time a specific user accessed the AWS Management Console.