A Security Engineer must enforce the use of only Amazon EC2, Amazon S3, Amazon RDS, Amazon DynamoDB, and AWS STS in specific accounts. What is a scalable and ef...


Amazon SCS-C01 Exam

Questions Number: 23 out of 160 Questions
14.37%

Question 23
A Security Engineer must enforce the use of only Amazon EC2, Amazon S3, Amazon RDS, Amazon DynamoDB, and AWS STS in specific accounts.
What is a scalable and efficient approach to meet this requirement?
A. Set up an AWS Organizations hierarchy, and replace the FullAWSAccess policy with the following Service Control Policy for the governed organization units:
Image SCS-C01_23QA.png related to the Amazon SCS-C01 Exam
B. Create multiple IAM users for the regulated accounts, and attach the following policy statement to restrict services as required:
Image SCS-C01_23QB.png related to the Amazon SCS-C01 Exam
C. Set up an Organizations hierarchy, replace the global FullAWSAccess with the following Service Control Policy at the top level:
Image SCS-C01_23QC.png related to the Amazon SCS-C01 Exam
D. Set up all users in the Active Directory for federated access to all accounts in the company. Associate Active Directory groups with IAM groups, and attach the following policy statement to restrict services as required:
Image SCS-C01_23QD.png related to the Amazon SCS-C01 Exam




Previous Questions Next Questions

Question: 1 Question: 2 Question: 3 Question: 4 Question: 5 Question: 6 Question: 7 Question: 8 Question: 9 Question: 10 Question: 11 Question: 12 Question: 13 Question: 14 Question: 15 Question: 16 Question: 17 Question: 18 Question: 19 Question: 20 Question: 21 Question: 22 Question: 23 Question: 24 Question: 25 Question: 26 Question: 27 Question: 28 Question: 29 Question: 30 Question: 31 Question: 32 Question: 33 Question: 34 Question: 35 Question: 36 Question: 37 Question: 38 Question: 39 Question: 40 Question: 41 Question: 42 Question: 43 Question: 44 Question: 45 Question: 46 Question: 47 Question: 48 Question: 49 Question: 50 Question: 51 Question: 52 Question: 53 Question: 54 Question: 55 Question: 56 Question: 57 Question: 58 Question: 59 Question: 60 Question: 61 Question: 62 Question: 63 Question: 64 Question: 65 Question: 66 Question: 67 Question: 68 Question: 69 Question: 70 Question: 71 Question: 72 Question: 73 Question: 74 Question: 75 Question: 76 Question: 77 Question: 78 Question: 79 Question: 80 Question: 81 Question: 82 Question: 83 Question: 84 Question: 85 Question: 86 Question: 87 Question: 88 Question: 89 Question: 90 Question: 91 Question: 92 Question: 93 Question: 94 Question: 95 Question: 96 Question: 97 Question: 98 Question: 99 Question: 100 Question: 101 Question: 102 Question: 103 Question: 104 Question: 105 Question: 106 Question: 107 Question: 108 Question: 109 Question: 110 Question: 111 Question: 112 Question: 113 Question: 114 Question: 115 Question: 116 Question: 117 Question: 118 Question: 119 Question: 120 Question: 121 Question: 122 Question: 123 Question: 124 Question: 125 Question: 126 Question: 127 Question: 128 Question: 129 Question: 130 Question: 131 Question: 132 Question: 133 Question: 134 Question: 135 Question: 136 Question: 137 Question: 138 Question: 139 Question: 140 Question: 141 Question: 142 Question: 143 Question: 144 Question: 145 Question: 146 Question: 147 Question: 148 Question: 149 Question: 150 Question: 151 Question: 152 Question: 153 Question: 154 Question: 155 Question: 156 Question: 157 Question: 158 Question: 159 Question: 160