Examtopics

AWS Certified Security - Specialty

12
14

Topic 1 Question 13
A security engineer is designing an IAM policy to protect AWS API operations. The policy must enforce multi-factor authentication (MFA) for IAM users to access certain services in the AWS production account. Each session must remain valid for only 2 hours. The current version of the IAM policy is as follows: Which combination of conditions must the security engineer add to the IAM policy to meet these requirements?

2 つ選択
- "Bool": {"aws:MultiFactorAuthPresent": "true"}
- "Bool": {"aws:MultiFactorAuthPresent": "false"}
- "NumericLessThan": {"aws:MultiFactorAuthAge": "7200"}
- "NumericGreaterThan": {"aws:MultiFactorAuthAge": "7200"}
- "NumericLessThan": {"MaxSessionDuration": "7200"}
ユーザの投票
コメント(14)
- Correct Answer is AC
  
  👍 8
  kk20002023/10/07
- A and C https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html#MFAProtectedAPI-overview
  
  👍 3
  kejam2023/11/07
- A and C
  
  👍 2
  KR6932023/10/23
シャッフルモード

12
14