AWS Certified Security – Specialty — Question 167
A company's Chief Security Officer has requested that a Security Analyst review and improve the security posture of each company AWS account. The Security Analyst decides to do this by improving AWS account root user security.
Which actions should the Security Analyst take to meet these requirements? (Choose three.)
Answer options
- A. Delete the access keys for the account root user in every account.
- B. Create an admin IAM user with administrative privileges and delete the account root user in every account.
- C. Implement a strong password to help protect account-level access to the AWS Management Console by the account root user.
- D. Enable multi-factor authentication (MFA) on every account root user in all accounts.
- E. Create a custom IAM policy to limit permissions to required actions for the account root user and attach the policy to the account root user.
- F. Attach an IAM role to the account root user to make use of the automated credential rotation in AWS STS.
Correct answer: A, C, D
Explanation
The correct actions are deleting the root user's access keys (A) to prevent unauthorized access, implementing a strong password (C) to enhance account security, and enabling multi-factor authentication (D) to provide an additional layer of protection. Options B, E, and F are incorrect: B suggests deleting the root user, which is not possible, and E and F do not directly improve the root user's security posture.