AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which actions represent best practices for using AWS IAM? (Select TWO.)
Real Exam
Community
RRitesh
A
Configure a strong password policy.
B
Share the security credentials among users of AWS accounts who are in the same Region.
C
Use access keys to log in to the AWS Management Console.
D
Rotate access keys on a regular basis.
E
Avoid using IAM roles to delegate permissions.
Explanation:
Explanation
Correct Answers:
-
A. Configure a strong password policy - This is a fundamental security best practice that helps ensure users create strong, complex passwords that are resistant to brute-force attacks.
-
D. Rotate access keys on a regular basis - Regularly rotating access keys reduces the risk of compromised credentials being used maliciously.
Incorrect Answers:
-
B. Share the security credentials among users - This violates the principle of least privilege and security best practices. Each user should have their own credentials.
-
C. Use access keys to log in to the AWS Management Console - Access keys are for programmatic access via APIs/SDKs, not for console login. Console login should use username/password or SSO.
-
E. Avoid using IAM roles to delegate permissions - IAM roles are actually a best practice for delegating permissions, especially for cross-account access and temporary credentials.
Additional IAM Best Practices:
-
Enable MFA for all users
-
Follow the principle of least privilege
-
Use IAM roles for EC2 instances
-
Monitor IAM activity with CloudTrail
-
Use IAM Access Analyzer to validate policies
Comments
Loading comments...