AWS Certified SysOps Administrator – Associate (legacy) — Question 832

Which of the following statements is true of IAM?

Answer options

• A. If you are configuring MFA for a user who will use a smartphone to generate an OTP, you must have the smartphone available in order to finish the wizard.
• B. If you are configuring MFA for a user who will use a smartphone to generate an OTP, the smartphone is not required in order to finish the wizard.
• C. If you are configuring MFA for a user who will use a smartphone to generate an OTP, you can finish the wizard on any device and later use the smartphone for authentication.
• D. None of these are correct.

Correct answer: A

Explanation

To successfully complete the IAM MFA configuration wizard for a virtual MFA device, you must scan a QR code and provide two consecutive one-time passwords generated by the target smartphone. This requirement ensures that the MFA device is properly synchronized before activation, making the presence of the smartphone mandatory during the setup process. Consequently, options B and C are incorrect because they suggest the setup can be finished without immediate access to the device.