SCS-C03 Question #49: Real Exam Question with Answer & Explanation

Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #49. The question stem and answer options stay visible for context.

Submitted by asante_acc· Mar 6, 2026Identity and Access Management (IAM)

Question

A company must immediately disable compromised IAM users across all AWS accounts and collect all actions performed by the user in the last 7 days. Which solution will meet these requirements?

Options

ADisable the IAM user and query CloudTrail logs in Amazon S3 using Athena.
BRemove IAM policies and query logs in Security Hub.
CRemove permission sets and query logs using CloudWatch Logs Insights.
DDisable the user in IAM Identity Center and query the organizational event data store.

Unlock SCS-C03 to see the answer

You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock SCS-C03 - $49.99 / 30 days Sign in

Topics

#IAM Identity Center#CloudTrail Lake#Multi-account IAM#Security Auditing

Full SCS-C03 Practice Browse All SCS-C03 Questions