Correct answer - "The user will get denied because the policy has an explicit denied" : An
explicit deny overrides the allow.
"The user will get allowed because it has an explicit allow" - A request results in an explicit
deny if an applicable policy includes a Deny statement
"This IAM user is invalid and the policy conflict must be resolved first" - The IAM user is not
invalid as the policy can contain allow and denies but these will be evaluated accordingly
"The order of the policy matters. If the policy 1 is before 2, then it is denied, else if policy
2 is before 1, then it is allowed" - If policies that apply to a request include an Allow
statement and a Deny statement, the Deny statement trumps the Allow statement. The request is
explicitly denied.