Answer-first summary for fast verification
Answer: Avoid generating access keys for the AWS account root user; opt to establish AWS IAM users instead., Implement multi-factor authentication for the AWS account root user.
To secure the AWS account root user, the best practices are: (D) Don't create access keys for the root user as it's highly privileged and should not be used for everyday tasks. Instead, create AWS IAM users with minimal required permissions. (E) Enable multi-factor authentication (MFA) for the root user to add an extra layer of security, ensuring that even if the password is compromised, additional verification is required. These practices significantly reduce the risk of unauthorized access to the root account.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Identify the two most secure practices for safeguarding the AWS account root user in a newly established AWS account.
A
Utilize the AWS account root user access keys in place of the AWS Management Console.
B
Activate multi-factor authentication for AWS IAM users who have the AdministratorAccess policy attached.
C
Employ AWS KMS to encrypt all access keys associated with the AWS account root user and IAM, with a rotation period set to 30 days.
D
Avoid generating access keys for the AWS account root user; opt to establish AWS IAM users instead.
E
Implement multi-factor authentication for the AWS account root user.