AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which of the following are best practices in AWS Identity and Access Management (IAM)? (Select TWO.)
Real Exam
Community
RRitesh
A
Use roles to delegate permissions
B
Use groups to assign permissions to IAM users
C
Create shared access keys
D
Disable multi-factor authentication (MFA)
E
Avoid the use of policy conditions
Explanation:
Explanation
Correct Answers:
-
A. Use roles to delegate permissions - This is a best practice because roles allow temporary security credentials and help follow the principle of least privilege.
-
B. Use groups to assign permissions to IAM users - This is a best practice as it simplifies permission management and ensures consistent access control.
Incorrect Options:
-
C. Create shared access keys - Not a best practice as it violates the principle of least privilege and complicates auditing and accountability.
-
D. Disable multi-factor authentication (MFA) - Not a best practice as MFA enhances security; disabling it increases security risks.
-
E. Avoid the use of policy conditions - Not accurate; policy conditions can be useful for fine-grained access control and should be used when appropriate.
Key IAM Best Practices:
-
Use roles for cross-account access and temporary permissions
-
Organize users into groups for easier permission management
-
Enable MFA for enhanced security
-
Follow the principle of least privilege
-
Use policy conditions for granular access control when needed
Comments
Loading comments...