ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 257 - SAP-C02 discussion

Report
Export

A company has deployed an application to multiple environments in AWS. including production and testing the company has separate accounts for production and testing, and users are allowed to create additional application users for team members or services. as needed. The security team has asked the operations team tor better isolation between production and testing with centralized controls on security credentials and improved management of permissions between environments Which of the following options would MOST securely accomplish this goal?

A.
Create a new AWS account to hold user and service accounts, such as an identity account Create users and groups m the identity account. Create roles with appropriate permissions in the production and testing accounts Add the identity account to the trust policies for the roles
Answers
A.
Create a new AWS account to hold user and service accounts, such as an identity account Create users and groups m the identity account. Create roles with appropriate permissions in the production and testing accounts Add the identity account to the trust policies for the roles
B.
Modify permissions in the production and testing accounts to limit creating new IAM users to members of the operations team Set a strong IAM password policy on each account Create new IAM users and groups in each account to Limit developer access to just the services required to complete their job function.
Answers
B.
Modify permissions in the production and testing accounts to limit creating new IAM users to members of the operations team Set a strong IAM password policy on each account Create new IAM users and groups in each account to Limit developer access to just the services required to complete their job function.
C.
Create a script that runs on each account that checks user accounts For adherence to a security policy. Disable any user or service accounts that do not comply.
Answers
C.
Create a script that runs on each account that checks user accounts For adherence to a security policy. Disable any user or service accounts that do not comply.
D.
Create all user accounts in the production account Create roles for access in me production account and testing accounts. Grant cross-account access from the production account to the testing account
Answers
D.
Create all user accounts in the production account Create roles for access in me production account and testing accounts. Grant cross-account access from the production account to the testing account
Suggested answer: A
asked 16/09/2024
Venkat Burri
43 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first