Which of the following security measures protect access to an AWS account? (Select TWO.)
A . Enable AWS CloudTrail.
B . Grant least privilege access to IAM users.
C . Create one IAM user and share with many developers and users.
D . Enable Amazon CloudFront.
E . Activate multi-factor authentication (MFA) for privileged users.
Answer: B,E
Explanation:
If you decided to create service accounts (that is, accounts used for programmatic access by applications running outside of the AWS environment) and generate access keys for them, you should create a dedicated service account for each use case. This will allow you to restrict the associated policy to only the permissions needed for the particular use case, limiting the blast radius if the credentials are compromised. For example, if a monitoring tool and a release management tool both require access to your AWS environment, create two separate service accounts with two separate policies that define the minimum set of permissions for each tool.
Latest CLF-C01 Dumps Valid Version with 721 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund