CRISC IT Risk Identification • Set 7
CRISC IT Risk Identification Practice Test 7 — 15 questions with explanations. Free, no signup.
Refer to the exhibit. A risk manager is reviewing IAM policies for an S3 bucket used for sensitive data. This policy allows which of the following?
Refer to the exhibit.
=== AWS IAM Policy (JSON) ===
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::company-data/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "10.0.0.0/8"
}
}
}
]
}
=== End of Policy ===