SAA-C03 · Question #311
SAA-C03 Question #311: Real Exam Question with Answer & Explanation
Sign in or unlock SAA-C03 to reveal the answer and full explanation for question #311. The question stem and answer options stay visible for context.
Question
A company uses AWS Organizations to manage multiple AWS accounts. Each department in the company has its own AWS account. A security team needs to implement centralized governance and control to enforce security best practices across all accounts. The team wants to have control over which AWS services each account can use. The team needs to restrict access to sensitive resources based on IP addresses or geographic regions. The root user must be protected with multi-factor authentication (MFA) across all accounts. Which solution will meet these requirements?
Options
- AUse AWS Identity and Access Management (IAM) to manage IAM users and IAM roles in each
- BUse AWS Control Tower to establish a multi-account environment. Use service control policies
- CUse AWS Systems Manager to enforce service restrictions across multiple accounts. Use IAM
- DUse AWS IAM Identity Center to manage user access and to enforce service restrictions by using
Unlock SAA-C03 to see the answer
You've previewed enough free SAA-C03 questions. Unlock SAA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.