Prisma Certified Cloud Security Engineer (PCCSE) — Question 205

Which three AWS policy types and identities are used to calculate the net effective permissions? (Choose three.)

Answer options

• A. AWS IAM group
• B. AWS IAM role
• C. AWS service control policies (SCPs)
• D. AWS IAM tag policy
• E. AWS IAM User

Correct answer: A, B, C

Explanation

The correct answers, A, B, and C, are all relevant to the calculation of net effective permissions in AWS. AWS IAM groups and roles provide permissions to users, while service control policies (SCPs) govern permissions at the organizational level. Options D and E are not part of the net effective permissions calculation as they do not directly contribute to the authorization process in the same way.