A company has many member accounts in an organization in AWS Organizations.The company is concerned about the potential for misuse of the AWS account root user credentials for member accounts in the organization.To address this potential misuse, the company wants to ensure that even if the account root user credentials are compromised, the account is still protected.
Which solution will meet this requirement?
Block service access by using SCPs for the root user.
Remove the password for the root user.
Delete access keys for the root user.
Create an Amazon CloudWatch Events rule to detect any AWS account root user API events.
I calculate that the answer is:
Block service access by using SCPs for the root user.
I organize that the answer is:
Block service access by using SCPs for the root user.