A security engineer is implementing authentication for a multi-account environment by using federated access with...

Amazon Web Services SCS-C02 Question Answer

A security engineer is implementing authentication for a multi-account environment by using federated access with SAML 2.0. The security engineer has configured AWS IAM Identity Center as an identity provider (IdP). The security engineer also has created IAM roles to grant access to the AWS accounts.

A federated user reports an authentication failure when the user attempts to authenticate with the new system.

What should the security engineer do to troubleshoot this issue in the MOST operationally efficient way?

Review the SAML IdP logs to identify errors. Check AWS CloudTrail to verify the API calls that the user made.

Review the SAML IdP logs to identify errors. Use the IAM policy simulator to validate access to the IAM roles.

Use IAM access advisor to review recent service access. Use the IAM policy simulator to validate access to the IAM roles.

Recreate the SAML IdP in a separate account to confirm the behavior that the user is experiencing.

Amazon Web Services SCS-C02 View All Questions

Amazon Web Services SCS-C02 Summary

Vendor: Amazon Web Services
Product: SCS-C02
Update on: Dec 19, 2025
Questions: 467

Price: $52.5 ~~$149.99~~

Buy Now SCS-C02 PDF + Testing Engine Pack

A company has configured an organization in AWS Organizations for its AWS accounts.

A company has AWS accounts in an organization in AWS Organizations.

New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A security engineer is implementing authentication for a multi-account environment by using federated access with...

The Answer Is:

Explanation:

Amazon Web Services SCS-C02 Summary

Payments We Accept

Contact Us