Exam-Answer

Home / Amazon / CLF-C01 / Question 103

Prev Question
Next Question

Question 103

Which of the following security measures protect access to an AWS account? (Choose two.)

Answers


Advertisement

Explanation

If you decided to create service accounts (that is, accounts used for programmatic access by applications running outside of the AWS environment) and generate access keys for them, you should create a dedicated service account for each use case. This will allow you to restrict the associated policy to only the permissions needed for the particular use case, limiting the blast radius if the credentials are compromised. For example, if a monitoring tool and a release management tool both require access to your AWS environment, create two separate service accounts with two separate policies that define the minimum set of permissions for each tool.

References

Comments

Load more
Prev Question
Next Question