DOP-C02 Question #224: Real Exam Question with Answer & Explanation

Sign in or unlock DOP-C02 to reveal the answer and full explanation for question #224. The question stem and answer options stay visible for context.

Submitted by ahmad_uae· Mar 6, 2026Security and Compliance

Question

A company's organization in AWS Organizations has a single OU. The company runs Amazon EC2 instances in the OU accounts. The company needs to limit the use of each EC2 instance's credentials to the specific EC2 instance that the credential is assigned to. A DevOps engineer must configure security for the EC2 instances. Which solution will meet these requirements?

Options

ACreate an SCP that specifies the VPC CIDR block. Configure the SCP to check whether the value
BCreate an SCP that checks whether the values of the aws:EC2InstanceSourceVPC and
CCreate an SCP that includes a list of acceptable VPC values and checks whether the value of the
DCreate an SCP that checks whether the values of the aws:EC2InstanceSourceVPC and

Unlock DOP-C02 to see the answer

You've previewed enough free DOP-C02 questions. Unlock DOP-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock DOP-C02 - $49.99 / 30 days Sign in

Topics

#AWS Organizations SCPs#IAM instance profiles#EC2 security#IAM policy conditions

Full DOP-C02 Practice Browse All DOP-C02 Questions