SCS-C02 Domain 3: Identity and Access Management

For cost and security, the team must implement ABAC with session tags. What is the recommended approach? implement ABAC with session tags.

Multiple choice — select one answer

Answer choices

  1. a. IAM policies conditioned on aws:PrincipalTag
  2. b. IAM Identity Center with external IdP
  3. c. IAM MFA policies
  4. d. Static roles per combo explosion

Architectural breakdown & explanation

ABAC scales authorization with attributes.

Correct answer(s): a. IAM policies conditioned on aws:PrincipalTag

Exam domain: Domain 3: Identity and Access Management (20% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Security – Specialty bank. Run a full timed practice exam with domain-weighted random questions in your browser.