AWS Certified Security - Specialty

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Rotate the access keys and passwords of affected IAM users using AWS Secrets Manager, and invalidate old credentials by revoking their permissions in IAM.

Option B is the correct approach as it involves specific actions to secure the account without causing unnecessary downtime or data loss. Rotating credentials and revoking permissions are standard practices to mitigate the risk of further unauthorized access.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: Rotate the access keys and passwords of affected IAM users using AWS Secrets Manager, and invalidate old credentials by revoking their permissions in IAM.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

In the event of a suspected AWS account compromise, which strategies would you implement to invalidate and rotate credentials effectively? Describe the steps you would take using AWS Identity and Access Management (IAM) and AWS Secrets Manager.

Simulated

Last updated: December 23, 2025 at 14:04

Immediately delete all IAM users and recreate them with new credentials.

0.0%

Rotate the access keys and passwords of affected IAM users using AWS Secrets Manager, and invalidate old credentials by revoking their permissions in IAM.

100.0%

Disable the AWS account and create a new one, transferring all resources to the new account.

Change the root account password and ignore the IAM users assuming they are not compromised.