A Security Engineer must enforce the use of only Amazon EC2, Amazon S3, Amazon RDS, Amazon DynamoDB, and AWS STS in specific accounts. What is a scalable and efficient approach to meet this requirement?
A) Set up an AWS Organizations hierarchy, and replace the FullAWSAccess policy with the following Service Control Policy for the governed organization units: 
B) Create multiple IAM users for the regulated accounts, and attach the following policy statement to restrict services as required: 
C) Set up an Organizations hierarchy, replace the global FullAWSAccess with the following Service Control Policy at the top level: 
D) Set up all users in the Active Directory for federated access to all accounts in the company. Associate Active Directory groups with IAM groups, and attach the following policy statement to restrict services as required: 
Correct Answer:
Verified
Q13: A Security Engineer launches two Amazon EC2
Q14: A Systems Engineer has been tasked with
Q15: A company wants to control access to
Q16: A security team is responsible for reviewing
Q17: An application is currently secured using network
Q19: A company requires that IP packet data
Q20: A company has complex connectivity rules governing
Q21: An application outputs logs to a text
Q22: A company has deployed a custom DNS
Q23: An organization has tens of applications deployed
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents