AWS Certified Cloud Practitioner (CLF-C02) — Question 154

Which actions are best practices for an AWS account root user? (Choose two.)

Answer options

• A. Share root user credentials with team members.
• B. Create multiple root users for the account, separated by environment.
• C. Enable multi-factor authentication (MFA) on the root user.
• D. Create an IAM user with administrator privileges for daily administrative tasks, instead of using the root user.
• E. Use programmatic access instead of the root user and password.

Correct answer: C, D

Explanation

Enabling multi-factor authentication (MFA) on the root user adds an important layer of security, making unauthorized access more difficult. Additionally, creating an IAM user with administrator privileges for everyday tasks minimizes the risk associated with using the root account, which should be reserved for specific administrative actions. The other options are not best practices and can lead to security vulnerabilities.