A company's security team suspects that an insider threat is present. The security team is basing its suspicion on activity that occurred in one of the company's
AWS accounts. The activity was performed with the AWS account root user credentials. The root user has no access keys. The company uses AWS
Organizations, and the account where the activity occurred is in an OU.
A security engineer needs to take away the root user's ability to make any updates to the account. The root user password cannot be changed to accomplish this goal.
Which solution will meet these requirements?
A. Attach the following SCP to the account:
B. Attach the following SCP to the account:
C. Attach the following SCP to the account:
D. Attach the following inline IAM policy to the root user:
Â
Suggested Answer: C
Community Answer: B
This question is in SCS-C01 AWS Certified Security – Specialty Exam
For getting AWS Certified Security – Specialty Certificate
Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.Please login or Register to submit your answer