Explanation

Correct Answers:

• A. Configure a strong password policy - This is a fundamental security best practice that helps ensure users create strong, complex passwords that are resistant to brute-force attacks.
• D. Rotate access keys on a regular basis - Regularly rotating access keys reduces the risk of compromised credentials being used maliciously.

Incorrect Answers:

• B. Share the security credentials among users - This violates the principle of least privilege and security best practices. Each user should have their own credentials.
• C. Use access keys to log in to the AWS Management Console - Access keys are for programmatic access via APIs/SDKs, not for console login. Console login should use username/password or SSO.
• E. Avoid using IAM roles to delegate permissions - IAM roles are actually a best practice for delegating permissions, especially for cross-account access and temporary credentials.

Additional IAM Best Practices:

• Enable MFA for all users
• Follow the principle of least privilege
• Use IAM roles for EC2 instances
• Monitor IAM activity with CloudTrail
• Use IAM Access Analyzer to validate policies