ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS-SysOps All Questions

View all questions & answers for the AWS-SysOps exam
Go to Exam

Exam AWS-SysOps topic 1 question 313 discussion

Exam question from Amazon's AWS-SysOps
Question #: 313
Topic #: 1
[All AWS-SysOps Questions]

Your organization is preparing for a security assessment of your use of AWS.
In preparation for this assessment, which two IAM best practices should you consider implementing? (Choose two.)

  • A. Create individual IAM users for everyone in your organization
  • B. Configure MFA on the root account and for privileged IAM users
  • C. Assign IAM users and groups configured with policies granting least privilege access
  • D. Ensure all users have been assigned and are frequently rotating a password, access ID/secret key, and X.509 certificate
Show Suggested Answer Hide Answer
Suggested Answer: BC 🗳️
by karmaah at Nov. 23, 2019, 12:04 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
albert_kuo
11 months ago
Selected Answer: BC
A. Creating individual IAM users for everyone in your organization is a good practice for user management, but it does not directly address security concerns or IAM best practices.
upvoted 1 times
...
Finger41
1 year, 11 months ago
Selected Answer: BC
B & C - https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
upvoted 2 times
...
TroyMcLure
2 years, 6 months ago
Correct Answers: B & C
upvoted 1 times
...
Saaho
2 years, 6 months ago
Not sure why D is ignored, Ensuring rotation of credentials is definitely a good practice.
upvoted 3 times
jaribu
2 years, 6 months ago
I dismissed D as an option because of the last part:" access ID/secret key, and....."
upvoted 2 times
...
...
awscertified
2 years, 7 months ago
B. Configure MFA on the root account and for privileged IAM users C. Assign IAM users and groups configured with policies granting least privilege access
upvoted 1 times
...
karmaah
2 years, 7 months ago
Assuming why not A considered. Scenario : if LDAP or AD is used in organization then, creating individual user is not required.
upvoted 2 times
karmaah
2 years, 7 months ago
Reanalyzed again. Looks default answers are good.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago