SCS-C03 · Question #8
SCS-C03 Question #8: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #8. The question stem and answer options stay visible for context.
Question
A company is using AWS CloudTrail and Amazon CloudWatch to monitor resources in an AWS account. The company's developers have been using an IAM role in the account for the last 3 months. A security engineer needs to refine the customer managed IAM policy attached to the role to ensure that the role provides least privilege access. Which solution will meet this requirement with the LEAST effort?
Options
- AImplement AWS IAM Access Analyzer policy generation on the role.
- BImplement AWS IAM Access Analyzer policy validation on the role.
- CSearch CloudWatch logs to determine the actions the role invoked and to evaluate the
- DUse AWS Trusted Advisor to compare the policies assigned to the role against AWS best
Unlock SCS-C03 to see the answer
You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.