AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which of the following are best practices in AWS Identity and Access Management (IAM)? (Select TWO.)
Real Exam
Community
RRitesh
0
A
Use roles to delegate permissions
B
Use groups to assign permissions to IAM users
C
Create shared access keys
D
Disable multi-factor authentication (MFA)
E
Avoid the use of policy conditions
Explanation:
Explanation
Correct Answers:
- A. Use roles to delegate permissions - This is a best practice because roles allow temporary security credentials and help follow the principle of least privilege.
- B. Use groups to assign permissions to IAM users - This is a best practice as it simplifies permission management and ensures consistent access control.
Incorrect Options:
- C. Create shared access keys - Not a best practice as it violates the principle of least privilege and complicates auditing and accountability.
- D. Disable multi-factor authentication (MFA) - Not a best practice as MFA enhances security; disabling it increases security risks.
- E. Avoid the use of policy conditions - Not accurate; policy conditions can be useful for fine-grained access control and should be used when appropriate.
Key IAM Best Practices:
- Use roles for cross-account access and temporary permissions
- Organize users into groups for easier permission management
- Enable MFA for enhanced security
- Follow the principle of least privilege
- Use policy conditions for granular access control when needed
Comments
Loading comments...