A company is operating a multi-account environment under a single organization using AWS Organizations. The Security team discovers that some employees are using AWS services in ways that violate company policies. A SysOps Administrator needs to prevent all users of an account, including the root user, from performing certain restricted actions. What should be done to accomplish this?

Topic #: - All AWS-SysOps Questions

A. Apply service control policies (SCPs) to allow approved actions only
B. Apply service control policies (SCPs) to prevent restricted actions
C. Define permissions boundaries to allow approved actions only
D. Define permissions boundaries to prevent restricted actions

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion