Big Halloween Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Professional
  5. SAP-C02 Discussions
  6. SAP-C02 Exam Topic 7 Question 65 Discussion

Amazon Web Services AWS Certified Solutions Architect - Professional SAP-C02 Question # 65 Topic 7 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Solutions Architect - Professional SAP-C02 Question # 65 Topic 7 Discussion

SAP-C02 Exam Topic 7 Question 65 Discussion:
Question #: 65
Topic #: 7

A company is in the process of implementing AWS Organizations to constrain its developers to use only Amazon EC2. Amazon S3 and Amazon DynamoDB. The developers account resides In a dedicated organizational unit (OU). The solutions architect has implemented the following SCP on the developers account:

SAP-C02 Question 65

When this policy is deployed, IAM users in the developers account are still able to use AWS services that are not listed in the policy. What should the solutions architect do to eliminate the developers' ability to use services outside the scope of this policy?
A.

Create an explicit deny statement for each AWS service that should be constrained

B.

Remove the Full AWS Access SCP from the developer account's OU

C.

Modify the Full AWS Access SCP to explicitly deny all services

D.

Add an explicit deny statement using a wildcard to the end of the SCP

Get Premium SAP-C02 Questions
Actual exam question for Amazon Web Services SAP-C02 exam by Phoenix7250 at Oct 12, 2025, 4:33:36 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next