Which of the following are best practices to secure your account using the identity and Access Management (IAM)? (Choose 2)

Question

BlackTom AI · Accepted Answer

When evaluating best practices for securing an account with IAM, we should assess each option against core principles like least privilege, proper access management, and avoiding stale credentials.
Option 1: Define fine-grained access rights. This aligns with least privilege and the principle of granting only the minimum permissions needed for a task. Fine-grained access allows precise control over who can do what, helping to reduce risk if credentials are compromised or if a user changes roles.
Option 2: Managing access to AWS resources. Centralized and careful management of how users and services access resources is essential for security. This includes establishing policies, roles, and groups, monitoring access patterns, and ensuring that access is appropriate for the resource in question. It reflects a fundamental security practice in IAM.
Option 3: Avoid using IAM groups to grant the same access permissions to multiple users. This is misleading; IAM groups are a standard and recommended mechanism to manage permissions for many users who share the same access needs. Using groups simplifies administration and helps ensure consistency in permissions across users with similar roles. Therefore, avoiding groups is generally counterproductive to efficient and secure IAM management.
Option 4: Provide users with default administrative privileges. Granting default administrative privileges contradicts the least-privilege principle and greatly increases the risk surface. Admin rights should be restricted to only those who genuinely need them and should be reviewed regularly.
Option 5: Leave unused and unnecessary users and credentials in place. Retaining unused accounts and credentials creates potential entry points for attackers and complicates access auditing. Best practice is to disable or remove unused users and rotate or revoke their credentials.
In summary, the options that best reflect security best practices are those that promote precise permissioning and controlled access management (Options 1 and 2). The remaining choices describe approaches that either add unnecessary risk or hinder effective IAM administration.

Which of the following are best practices to secure your account using the identity and Access Management (IAM)? (Choose 2)

查看解析

登录即可查看完整答案

类似问题

What components ensure secure access and management of user identities within the digital ecosystem?

Which IAM security practices are recommended? (Select ALL that apply)

Which of the following describes a security best practice that can be implemented by using AWS Identity and Access Management (IAM)?

Which AWS service enables identity and access management?

With AWS IAM, you can manage which THREE of the following?

What is the best practice for applying permissions to many users who perform the same job?

Which of the followings is not an AWS IAM identity?

Which domain contains critical systems and applications that support and provide various services that perform core functions like authentication, authorization, and data management?

更多留学生实用工具

考试浏览器助手

风格化写作助手

论文查重助手

文献引用助手

课堂转译助手

课堂笔记助手

Quiz搜索助手

学校历年真题

智能刷题助手

智能匹配练习

希望你的学习变得更简单