Answer-first summary for fast verification
Answer: Utilize AWS IAM Access Analyzer to scrutinize the policies and examine the outcomes of policy validation checks.
The correct answer is A. Using AWS IAM Access Analyzer to analyze the policies and view the findings from policy validation checks is the recommended approach. AWS IAM Access Analyzer helps you create and validate policies and Service Control Policies (SCPs) that adhere to AWS best practices. It provides insights and validation checks to ensure that the policies are secure and optimal. Other options such as AWS Trusted Advisor, AWS Audit Manager, and Amazon Inspector do not specifically focus on analyzing and optimizing SCPs.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A security engineer is tasked with optimizing Service Control Policies (SCPs) within AWS Organizations to ensure they adhere to best practices. Which method should the security engineer employ to achieve this optimization?
A
Utilize AWS IAM Access Analyzer to scrutinize the policies and examine the outcomes of policy validation checks.
B
Conduct a review of AWS Trusted Advisor checks across all accounts within the organization.
C
Establish AWS Audit Manager and execute an assessment covering all AWS Regions and accounts.
D
Ensure the deployment of Amazon Inspector agents on all Amazon EC2 instances across all accounts.