Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. SCS-C03 Discussions
  6. SCS-C03 Exam Topic 4 Question 37 Discussion

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 37 Topic 4 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
Next  

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 37 Topic 4 Discussion

SCS-C03 Exam Topic 4 Question 37 Discussion:
Question #: 37
Topic #: 4

A company is using AWS CloudTrail and Amazon CloudWatch to monitor resources in an AWS account. The company’s developers have been using an IAM role in the account for the last 3 months.

A security engineer needs to refine the customer managed IAM policy attached to the role to ensure that the role provides least privilege access.

Which solution will meet this requirement with the LEAST effort?
A.

Implement AWS IAM Access Analyzer policy generation on the role.

B.

Implement AWS IAM Access Analyzer policy validation on the role.

C.

Search CloudWatch logs to determine the actions the role invoked and to evaluate the permissions.

D.

Use AWS Trusted Advisor to compare the policies assigned to the role against AWS best practices.

Get Premium SCS-C03 Questions
Actual exam question for Amazon Web Services SCS-C03 exam by Arlo8798 at Feb 11, 2026, 5:30:56 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
Next