Topic 1 Question 43
A security engineer is using AWS Organizations and wants to optimize SCPs. The security engineer needs to ensure that the SCPs conform to best practices. Which approach should the security engineer take to meet this requirement?
Use AWS IAM Access Analyzer to analyze the polices. View the findings from policy validation checks.
Review AWS Trusted Advisor checks for all accounts in the organization.
Set up AWS Audit Manager. Run an assessment for all AWS Regions for all accounts.
Ensure that Amazon Inspector agents are installed on all Amazon EC2 instances in all accounts.
ユーザの投票
コメント(6)
- 正解だと思う選択肢: A
It seems IAM Access Analyzer > This powerful new feature will help you to construct IAM policies and SCPs that take advantage of time-tested AWS best practices. https://aws.amazon.com/jp/blogs/aws/iam-access-analyzer-update-policy-validation/
👍 5bannium2024/04/30 - 正解だと思う選択肢: A
You can create AWS IAM Access Analyzer in AWS Organizations as the zone of trust. https://aws.amazon.com/blogs/aws/new-use-aws-iam-access-analyzer-in-aws-organizations/
👍 2AgboolaKun2024/05/05 - 正解だと思う選択肢: B
best practices --> Trusted Advisor
👍 1ahrentom2024/04/25
シャッフルモード