Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. SCS-C03 Discussions
  6. SCS-C03 Exam Topic 7 Question 61 Discussion

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 61 Topic 7 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 61 Topic 7 Discussion

SCS-C03 Exam Topic 7 Question 61 Discussion:
Question #: 61
Topic #: 7

A company is using an organization with all features enabled in AWS Organizations. The organization contains OUs. The company has configured a delegated administrator account for AWS IAM Identity Center. In this delegated administrator account, the company has deployed an AWS CloudFormation stack that contains permission sets.

A security engineer must implement a solution to prevent the deletion of the CloudFormation stack.

Which solution will meet this requirement?
A.

Enable termination protection for the CloudFormation stack. Create an SCP that denies the cloudformation:UpdateTerminationProtection action for the stack’s ARN. Apply the SCP to the root of the organization.

B.

Enable termination protection for the CloudFormation stack. Create an SCP that denies the cloudformation:DeleteStack action for the stack’s ARN. Apply the SCP to all OUs except the OU that contains the delegated administrator account.

C.

Set the DeletionPolicy attribute to Retain for all resources in the CloudFormation stack. Create an IAM policy that denies the cloudformation:DeleteStack action for the stack’s ARN. Attach the IAM policy to all IAM users and roles in the organization’s management account.

D.

Assign a stack policy to deny updates to stack resources. Create an SCP that denies the cloudformation:UpdateStack action for the stack’s ARN. Apply the SCP to all OUs and the organization’s management account.

Get Premium SCS-C03 Questions
Actual exam question for Amazon Web Services SCS-C03 exam by Zephyr5241 at Jun 21, 2026, 1:28:57 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next