AWS Certified Specialty SCS-C01 Exam Questions and Answers PDF

The most feasible option is to use IAM Config. When you turn on IAM Config, you will get a list of resources defined in your IAM Account.

A sample snapshot of the resources dashboard in IAM Config is shown below

C:\Users\wk\Desktop\mudassar\Untitled.jpg

Option A is incorrect because this would give the list of production based resources and now all resources

Option B is partially correct But this will just add more maintenance overhead.

Option C is incorrect because this can be used to log API activities but not give an account of all resou

For more information on IAM Config, please visit the below URL:

The correct answer is: Use IAM Config to get the list of all resources

Submit your Feedback/Queries to our Experts

A year's time is generally too long a gap for conducting security audits

The IAM Documentation mentions the following

You should audit your security configuration in the following situations:

On a periodic basis.

If there are changes in your organization, such as people leaving.

If you have stopped using one or more individual IAM services. This is important for removing permissions that users in your account no longer need.

If you've added or removed software in your accounts, such as applications on Amazon EC2 instances, IAM OpsWor stacks, IAM CloudFormation templates, etc.

If you ever suspect that an unauthorized person might have accessed your account.

Option B, C and D are all the right ways and recommended best practices when it comes to conducting audits For more information on Security Audit guideline, please visit the below URL:

The correct answer is: Conduct an audit on a yearly basis Submit your Feedback/Queries to our Experts