1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. SCS-C02 Discussions
  6. SCS-C02 Exam Topic 8 Question 71 Discussion

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 71 Topic 8 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 71 Topic 8 Discussion

SCS-C02 Exam Topic 8 Question 71 Discussion:
Question #: 71
Topic #: 8

A company is designing a multi-account structure for its development teams. The company is using AWS Organizations and AWS Single Sign-On (AWS SSO). The company must implement a solution so that the development teams can use only specific AWS Regions and so that each AWS account allows access to only specific AWS services.

Which solution will meet these requirements with the LEAST operational overhead?
A.

Use AWS SSO to set up service-linked roles with IAM policy statements that include the Condition, Resource, and NotAction elements to allow access to only the Regions and services that are needed.

B.

Deactivate AWS Security Token Service (AWS STS) in Regions that the developers are not allowed to use.

C.

Create SCPs that include the Condition, Resource, and NotAction elements to allow access to only the Regions and services that are needed.

D.

For each AWS account, create tailored identity-based policies for AWS SSO. Use statements that include the Condition, Resource, and NotAction elements to allow access to only the Regions and services that are needed.

Get Premium SCS-C02 Questions
Actual exam question for Amazon Web Services SCS-C02 exam by Cyra12999 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next