Which of the following options should the Security Engineer use?

SCS-C01 0 Comments

A Security Engineer has been asked to create an automated process to disable IAM user access keys that are more than three months old.

Which of the following options should the Security Engineer use?
A . In the AWS Console, choose the IAM service and select “Users”. Review the “Access Key Age” column.
B . Define an IAM policy that denies access if the key age is more than three months and apply to all users.
C . Write a script that uses the GenerateCredentialReport, GetCredentialReport, and UpdateAccessKey APIs.
D . Create an Amazon CloudWatch alarm to detect aged access keys and use an AWS Lambda function to disable the keys older than 90 days.

Answer: A

Explanation:

Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html

Latest SCS-C01 Dumps Valid Version with 470 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SCS-C01 PDF     SCS-C01 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments