SCS-C02 · Question #453
SCS-C02 Question #453: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #453. The question stem and answer options stay visible for context.
Question
A security engineer is implementing authentication for a multi-account environment by using federated access with SAML 2.0. The security engineer has configured AWS IAM Identity Center as an identity provider (IdP). The security engineer also has created IAM roles to grant access to the AWS accounts. A federated user reports an authentication failure when the user attempts to authenticate with the new system. What should the security engineer do to troubleshoot this issue in the MOST operationally efficient way?
Options
- AReview the SAML IdP logs to identify errors. Check AWS CloudTrail to verify the API calls that
- BReview the SAML IdP logs to identify errors. Use the IAM policy simulator to validate access to
- CUse IAM access advisor to review recent service access. Use the IAM policy simulator to validate
- DRecreate the SAML IdP in a separate account to confirm the behavior that the user is
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.