For Individuals For Educators

Ace your certifications with Practice Exams and AI assistance.

Browse Exams
For Educators
Blog

Privacy Policy
Terms of Service
Cookie Policy
Support

AWS SAA Exam Prep
PMI PMP Exam Prep
CPA Exam Prep
GCP PCA Exam Prep

© 2026 TinyHive Labs. Company number 16262776.

Practice AWS Solutions Architect Professional (SAP-C02)AWS Solutions Architect Professional SAP-C02 Practice Exam 3Question 44

Hard1 markMultiple Choice

Domain 3.2: Security ImprovementSecurityIAMAccess Analyzer

AWS SAP-C02 · Question 44 · Domain 3.2: Security Improvement

A security audit reveals that IAM users have overly permissive policies. The security team wants to automatically analyze CloudTrail logs to generate least-privilege IAM policies based on actual usage over the last 90 days. Which tool should they use?

Answer options:

A.

AWS Trusted Advisor

B.

IAM Access Analyzer policy generation

C.

AWS Config

D.

Amazon Macie

How to approach this question

Identify the IAM feature that analyzes logs to create policies.

Full Answer

B.IAM Access Analyzer policy generation✓ Correct

IAM Access Analyzer policy generation creates policies based on access activity recorded in AWS CloudTrail.

Common mistakes

Not knowing that Access Analyzer has a policy generation feature.

Question 43 All questions Question 45

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 3

75 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01An enterprise has 100 VPCs across 5 AWS Regions. They need to establish a highly available, trans...Hard Q02A company uses AWS Organizations. The CISO requires that no EC2 instances can be launched outside...Medium Q03An application uses Amazon Aurora PostgreSQL. To meet disaster recovery requirements, the databas...Hard Q04A company is setting up a new multi-account AWS environment. They want to automate the creation o...Medium Q05An organization wants to allocate AWS costs to specific departments. They use multiple AWS accoun...Medium

View all 75 questions →