Question 1 of 30
In a large enterprise utilizing AWS Organizations, the security team is tasked with implementing a policy that restricts the creation of new IAM users across all accounts within the organization. The organization has multiple Organizational Units (OUs) for different departments, and the security team wants to ensure that this policy is applied uniformly. Which approach should the security team take to achieve this goal effectively while maintaining flexibility for specific departments that may require exceptions?
Create a Service Control Policy (SCP) that denies the `iam:CreateUser` action and attach it to the root of the organization, while allowing specific OUs to have exceptions through additional SCPs that permit the action.
Implement an IAM policy at the account level that denies the `iam:CreateUser` action for all users in the organization, ensuring that no new users can be created.
Use AWS Config rules to monitor the creation of IAM users and alert the security team whenever a new user is created, allowing them to take manual action afterward.
Set up CloudTrail logging to track IAM user creation events and create a Lambda function that automatically deletes any newly created users across the organization.
