AmazonAmazon
SCS-C02 · Question #407
SCS-C02 Question #407: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #407. The question stem and answer options stay visible for context.
Submitted by jakub_pl· Mar 6, 2026
Question
Every application in a company's portfolio has a separate AWS account for development and production. The security team wants to prevent the root user and all IAM users in the production accounts from accessing a specific set of unneeded services. How can they control this functionality?
Options
- ACreate a Service Control Policy that denies access to the services. Assemble all production
- BCreate a Service Control Policy that denies access to the services. Apply the policy to the root
- CCreate an IAM policy that denies access to the services. Associate the policy with an IAM group
- DCreate an IAM policy that denies access to the services. Create a Config Rule that checks that all
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.