In preparation for this assessment, which two IAM best practices should you consider implementing?
(Choose two.)
Create individual IAM users for everyone in your organization
Configure MFA on the root account and for privileged IAM users
Assign IAM users and groups configured with policies granting least privilege access
Ensure all users have been assigned and are frequently rotating a password, access ID/secret key, and X.509 certificate
Explanations:
Creating individual IAM users is a good practice, but it does not fully address security concerns like least privilege access and MFA.
Enabling MFA (Multi-Factor Authentication) on both the root account and privileged IAM users adds an extra layer of security.
Granting least privilege access is a best practice to ensure users only have the necessary permissions to perform their tasks.
While rotating credentials is important, requiring X.509 certificates for all users is not typically a common IAM best practice in AWS.