Final answer:
AWS Trusted Advisor is the service that provides infrastructure security optimization recommendations, guiding users on security best practices within AWS. AWS CloudTrail is for compliance and auditing, AWS Config for assessing and auditing configurations, and AWS IAM for managing users and permissions.
Step-by-step explanation:
The AWS service that provides infrastructure security optimization recommendations is AWS Trusted Advisor. This tool analyzes your AWS environment and provides best practice recommendations across five categories: cost optimization, performance, security, fault tolerance, and service limits. For infrastructure security specifically, AWS Trusted Advisor checks include recommendations on security groups, IAM use, MFA on the root account, and more.
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account by logging events and API calls within your AWS environment. However, it does not provide optimization recommendations.
AWS Config is a service that allows you to assess, audit, and evaluate the configurations of your AWS resources. AWS Config can be used to make sure that the resources are compliant with the desired configurations, but it does not directly provide optimization recommendations.
AWS Identity and Access Management (IAM) helps you securely control access to AWS services and resources by managing users, groups, roles, and permissions. While IAM is essential for security, it is not designed to provide optimization recommendations.