SCS-C02 Domain 3: Identity and Access Management

A hybrid environment must support a goal to enforce MFA for console users without changing application code. What should you implement? enforce MFA for console users.

Multiple choice — select one answer

Answer choices

  1. a. IAM MFA policies
  2. b. Access Analyzer
  3. c. CloudTrail AssumeRole events
  4. d. aws:SourceIp condition keys

Architectural breakdown & explanation

MFA reduces account takeover risk.

Correct answer(s): a. IAM MFA policies

Exam domain: Domain 3: Identity and Access Management (20% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Security – Specialty bank. Run a full timed practice exam with domain-weighted random questions in your browser.