Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SAA-C03 Topic 1 Question 53 Discussion

Actual exam question for Amazon's SAA-C03 exam
Question #: 53
Topic #: 1
[All SAA-C03 Questions]

A company manages AWS accounts in AWS Organizations. AWS 1AM Identity Center (AWS Single Sign-On) and AWS Control Tower are configured for the accounts. The company wants to manage multiple user permissions across all the accounts.

The permissions will be used by multiple 1AM users and must be split between the developer and administrator teams. Each team requires different permissions. The company wants a solution that includes new users that are hired on both teams.

Which solution will meet these requirements with the LEAST operational overhead?

Show Suggested Answer Hide Answer
Suggested Answer: A

A: How do you protect your data in transit?

Best Practices:

Implement secure key and certificate management: Store encryption keys and certificates securely and rotate them at appropriate time intervals while applying strict access control; for example, by using a certificate management service, such as AWS Certificate Manager (ACM).

Enforce encryption in transit: Enforce your defined encryption requirements based on appropriate standards and recommendations to help you meet your organizational, legal, and compliance requirements.

Automate detection of unintended data access: Use tools such as GuardDuty to automatically detect attempts to move data outside of defined boundaries based on data classification level, for example, to detect a trojan that is copying data to an unknown or untrusted network using the DNS protocol.

Authenticate network communications: Verify the identity of communications by using protocols that support authentication, such as Transport Layer Security (TLS) or IPsec.

https://wa.aws.amazon.com/wat.question.SEC_9.en.html


by Ruthann at Jan 10, 2025, 08:35 AM

Limited Time Offer

25%

Off

Get Premium SAA-C03 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Kathrine
18 days ago
Option C is the clear winner here. It's like the AWS Permissions Lego set - just snap the pieces together and you're good to go!
upvoted 0 times
...
Vallie
23 days ago
I'm a bit of a permissions nerd, so Option C is right up my alley. The ability to create custom permission sets is a game-changer.
upvoted 0 times
...
Twanna
24 days ago
Option B looks good, but it might be a bit more manual to manage individual user permissions. C seems to strike the right balance between flexibility and ease of use.
upvoted 0 times
Theresia
2 days ago
Option B might require more manual management of individual user permissions.
upvoted 0 times
...
...
Novella
25 days ago
I agree, Option C is the way to go. It provides a scalable solution for managing permissions as the company grows and hires new developers and administrators.
upvoted 0 times
Chana
8 days ago
Option B: Use AWS Single Sign-On to create two groups for the developer and administrator teams. Assign the appropriate permissions to each group.
upvoted 0 times
...
Sherman
19 days ago
Option A: Use AWS Control Tower to create two organizational units (OUs) for the developer and administrator teams. Assign the appropriate permissions to each OU.
upvoted 0 times
...
...
Janet
2 months ago
I'm not sure, I think option C could also work well by creating new groups and permission sets for each team. It might be worth considering as well.
upvoted 0 times
...
Marjory
2 months ago
I agree with Callie. Option A seems to have the least operational overhead and provides fine-grained permissions for each team.
upvoted 0 times
...
Virgie
2 months ago
Option C seems like the most efficient solution. Creating separate groups and permission sets in IAM Identity Center makes it easy to manage user permissions across multiple accounts.
upvoted 0 times
Iraida
6 days ago
Exactly, the goal is to streamline the process and minimize the effort required to manage user permissions across all accounts.
upvoted 0 times
...
Ty
28 days ago
It's important to have a solution that can scale with new hires on both teams without adding too much operational overhead.
upvoted 0 times
...
Levi
1 months ago
I agree, having separate groups and permission sets will make it easier to assign and update permissions as needed.
upvoted 0 times
...
Emiko
1 months ago
Option C is definitely the way to go. It simplifies managing permissions for both developer and administrator teams.
upvoted 0 times
...
...
Callie
2 months ago
I think option A is the best solution because it allows us to create separate groups for developers and administrators with custom policies.
upvoted 0 times
...

Save Cancel