In preparation for this assessment, which two IAM best practices should you consider implementing?

By:
In: SOA-C01
Tagged:
With: 1 Comment
Your organization is preparing for a security assessment of your use of AWS.

In preparation for this assessment, which two IAM best practices should you consider implementing?

(Choose two.)

Create individual IAM users for everyone in your organization

Configure MFA on the root account and for privileged IAM users

Assign IAM users and groups configured with policies granting least privilege access

Ensure all users have been assigned and are frequently rotating a password, access ID/secret key, and X.509 certificate

Explanations:

Creating individual IAM users is a good practice, but it does not fully address security concerns like least privilege access and MFA.

Enabling MFA (Multi-Factor Authentication) on both the root account and privileged IAM users adds an extra layer of security.

Granting least privilege access is a best practice to ensure users only have the necessary permissions to perform their tasks.

While rotating credentials is important, requiring X.509 certificates for all users is not typically a common IAM best practice in AWS.

2025-09-28

1 Comment

  1. Kathleen
    Author

    I scheme that the answer is:
    Configure MFA on the root account and for privileged IAM users

Leave a Reply

Your email address will not be published. Required fields are marked *

seven − 1 =