AmazonAmazon
SCS-C02 · Question #47
SCS-C02 Question #47: Real Exam Question with Answer & Explanation
The correct answer is A: "Bool": {"aws:MultiFactorAuthPresent": "true"}. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-
Submitted by miguelv· Mar 6, 2026
Question
A security engineer is designing an IAM policy to protect AWS API operations. The policy must enforce multi-factor authentication (MFA) for IAM users to access certain services in the AWS production account. Each session must remain valid for only 2 hours. The current version of the IAM policy is as follows: Which combination of conditions must the security engineer add to the IAM policy to meet these requirements? (Choose two.)
Options
- A"Bool": {"aws:MultiFactorAuthPresent": "true"}
- B"Bool": {"aws:MultiFactorAuthPresent": "false"}
- C"NumericLessThan": {"aws:MultiFactorAuthAge": "7200"}
- D"NumericGreaterThan": {"aws:MultiFactorAuthAge": "7200"}
- E"NumericLessThan": {"MaxSessionDuration": "7200"}
Explanation
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-
Community Discussion
No community discussion yet for this question.