Multiple Choice
A company has multiple AWS accounts that are part of AWS Organizations. The company's Security team wants to ensure that even those Administrators with full access to the company's AWS accounts are unable to access the company's Amazon S3 buckets. How should this be accomplished?
A) Use SCPs.
B) Add a permissions boundary to deny access to Amazon S3 and attach it to all roles.
C) Use an S3 bucket policy.
D) Create a VPC endpoint for Amazon S3 and deny statements for access to Amazon S3.
Correct Answer:
Verified
Correct Answer:
Verified
Q146: A Security Engineer discovered a vulnerability in
Q147: A company has a compliance requirement to
Q148: A company's architecture requires that its three
Q149: During a manual review of system logs
Q150: A company had one of its Amazon
Q152: A security engineer is responsible for providing
Q153: A recent security audit identified that a
Q154: A company's web application is hosted on
Q155: A company is undergoing a layer 3
Q156: An application makes calls to AWS services