The correct option is It reduces the chance that an attacker can alter or erase log records.

Centralizing logs into a single, protected repository reduces the risk that an attacker can remove or modify evidence because the attacker would need to compromise both the individual endpoints and the centralized store. Central storage also enables stronger access controls, immutability options, and separate retention policies which preserve the integrity of records for investigations.

Maintaining a centralized log repository makes it easier to ensure logs are transmitted securely and written to tamper resistant storage. That preservation of integrity and availability of records is the primary security benefit because it supports reliable forensics and accountability after an incident.

Cloud Logging is incorrect because it names a type of service rather than stating the security benefit provided by centralization. The option does not explain why central logs improve security.

It allows automated enforcement to block malicious traffic is incorrect because blocking is performed by enforcement controls such as firewalls, intrusion prevention systems, or access gateways. Centralized logs can inform or trigger those controls but the log repository itself does not perform the blocking.

It enables security teams to receive alerts about anomalous behavior is incorrect because alerting is an operational outcome of analysis and monitoring. While central logs support detection and alerting, the question asked for the primary security benefit which is protecting log integrity and preventing tampering so that evidence remains reliable.

Full AWS Practitioner Certification Question