AWS Certified Solutions Architect – Associate (SAA-C03) — Question 236

A solutions architect has created a new AWS account and must secure AWS account root user access.

Which combination of actions will accomplish this? (Choose two.)

Answer options

• A. Ensure the root user uses a strong password.
• B. Enable multi-factor authentication to the root user.
• C. Store root user access keys in an encrypted Amazon S3 bucket.
• D. Add the root user to a group containing administrative permissions.
• E. Apply the required permissions to the root user with an inline policy document.

Correct answer: A, B

Explanation

Choosing A and B is correct because using a strong password and enabling multi-factor authentication are essential steps to secure the root user account against unauthorized access. Options C, D, and E are not applicable since the root user should not have access keys or be added to groups, and inline policies are not the best practice for root user permissions.