Multiple Choice
A company has implemented AWS Organizations. It has recently set up a number of new accounts and wants to deny access to a specific set of AWS services in these new accounts. How can this be controlled MOST efficiently?
A) Create an IAM policy in each account that denies access to the services. Associate the policy with an IAM group, and add all IAM users to the group.
B) Create a service control policy that denies access to the services. Add all of the new accounts to a single organizational unit (OU) , and apply the policy to that OU.
C) Create an IAM policy in each account that denies access to the services. Associate the policy with an IAM role, and instruct users to log in using their corporate credentials and assume the IAM role.
D) Create a service control policy that denies access to the services, and apply the policy to the root of the organization.
Correct Answer:
Verified
Correct Answer:
Verified
Q39: You currently operate a web application. In
Q40: A company wants to host its website
Q41: A company has developed a new release
Q42: Which AWS instance address has the following
Q43: Someone is creating a VPC for their
Q45: A company is using an Amazon CloudFront
Q46: You're running an application on-premises due to
Q47: What types of identities do Amazon Cognito
Q48: You are implementing a URL whitelisting system
Q49: The following are AWS Storage services? (Choose