A security engineer recently rotated all IAM access keys in an AWS account. The security engineer then configured AWS Config and enabled the following AWS Config managed rules; mfa-enabled-for-iam-console-access, iam-user-mfa-enabled, access-key-rotated, and iam-user-unused-credentials-check. The security engineer notices that all resources are displaying as noncompliant after the IAM GenerateCredentialReport API operation is invoked. What could be the reason for the noncompliant status? A. The IAM credential report was generated within the past 4 hours. B. The security engineer does not have the GenerateCredentialReport permission. C. The security engineer does not have the GetCredentialReport permission. D. The AWS Config rules have a MaximumExecutionFrequency value of 24 hours.  Suggested Answer: D Community Answer: A Reference: https://aws.amazon.com/blogs/mt/managing-aged-access-keys-through-aws-config-remediations/ This question is in SCS-C01 AWS Certified Security – Specialty Exam For getting AWS Certified Security – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer