SCS-C02 · Question #354
SCS-C02 Question #354: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #354. The question stem and answer options stay visible for context.
Question
A security engineer must troubleshoot an administrator's inability to make an existing Amazon S3 bucket public in an account that is part of an organization n AWS Organizations. The administrator switched the role from the master account to a member account and then attempted to make one S3 bucket public. This action was immediately denied. Which actions should the security engineer take to troubleshoot the permissions issue? (Choose two.)
Options
- AReview the cross-account role permissions and the S3 bucket policy Verify that the Amazon S3
- BReview the role permissions m the master account and ensure it has sufficient privileges to
- CFilter AWS CloudTrail logs for the master account to find the original deny event and update the
- DEvaluate the SCPs covering the member account and the permissions boundary of the role in the
- EEnsure the S3 bucket policy explicitly allows the s3 PutBucketPublicAccess action for the role m
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.