Consider a scenario where an AWS environment has been configured with IAM policies that grant extensive permissions to a set of users. Upon review, it is discovered that these permissions exceed the necessary level for the users to perform their duties. What steps would you take to apply the principle of least privilege and reduce the risk of unauthorized access or actions? | AWS Certified Security - Specialty Quiz