Answer-first summary for fast verification
Answer: Configure a strong password policy., Rotate access keys on a regular basis.
## Explanation **Correct Answers:** - **A. Configure a strong password policy** - This is a fundamental security best practice that helps ensure users create strong, complex passwords that are resistant to brute-force attacks. - **D. Rotate access keys on a regular basis** - Regularly rotating access keys reduces the risk of compromised credentials being used maliciously. **Incorrect Answers:** - **B. Share the security credentials among users** - This violates the principle of least privilege and security best practices. Each user should have their own credentials. - **C. Use access keys to log in to the AWS Management Console** - Access keys are for programmatic access via APIs/SDKs, not for console login. Console login should use username/password or SSO. - **E. Avoid using IAM roles to delegate permissions** - IAM roles are actually a best practice for delegating permissions, especially for cross-account access and temporary credentials. **Additional IAM Best Practices:** - Enable MFA for all users - Follow the principle of least privilege - Use IAM roles for EC2 instances - Monitor IAM activity with CloudTrail - Use IAM Access Analyzer to validate policies
Author: Ritesh Yadav
Ultimate access to all questions.
No comments yet.
Which actions represent best practices for using AWS IAM? (Select TWO.)
A
Configure a strong password policy.
B
Share the security credentials among users of AWS accounts who are in the same Region.
C
Use access keys to log in to the AWS Management Console.
D
Rotate access keys on a regular basis.
E
Avoid using IAM roles to delegate permissions.