SCS-C02 · Question #474
SCS-C02 Question #474: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #474. The question stem and answer options stay visible for context.
Question
A company has hundreds of AWS accounts and uses AWS Organizations. The company plans to create many different IAM roles and policies for its product team, security team, and platform team. Some IAM policies will be shared across teams. A security engineer needs to implement a solution to logically group together the IAM roles of each team. The solution must allow only the platform team to delegate IAM permissions to AWS services. Which solution will meet these requirements?
Options
- ASet up an IAM path with the IAM roles for each team. Deploy an SCP that denies the
- BApply different tags for each team to the IAM roles. Deploy an SCP that denies the
- CApply different tags for each team to the IAM policies. Deploy an SCP that denies the
- DSet up an IAM path with the IAM roles for each team. Use IAM permissions boundaries to deny
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.