SCS-C03 · Question #14
SCS-C03 Question #14: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #14. The question stem and answer options stay visible for context.
Question
A company uses AWS Organizations to manage an organization that consists of three workload OUs: Production, Development, and Testing. The company uses AWS CloudFormation templates to define and deploy workload infrastructure in AWS accounts that are associated with the OUs. Different SCPs are attached to each workload OU. The company successfully deployed a CloudFormation stack update to workloads in the Development OU and the Testing OU. When the company uses the same CloudFormation template to deploy the stack update in an account in the Production OU, the update fails. The error message reports insufficient IAM permissions. What is the FIRST step that a security engineer should take to troubleshoot this issue?
Options
- AReview the AWS CloudTrail logs in the account in the Production OU. Search for any failed API
- BRemove all the SCPs that are attached to the Production OU. Rerun the CloudFormation stack
- CConfirm that the role used by CloudFormation has sufficient permissions to create, update, and
- DMake all the SCPs that are attached to the Production OU the same as the SCPs that are
Unlock SCS-C03 to see the answer
You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.