Free AWS SAA-C03 Actual Exam Questions – Solutions Architect Questions - Question 3 Discussion
have been made to the default settings. The company is concerned about the security of the AWS
account root user.
What should be done to secure the root user?
A is out since you can’t really disable root, right?
Makes sense to avoid using root entirely for daily work—that’s why creating IAM users is key. So B fits best since it adds MFA to root without suggesting disabling it, which isn’t an option. B
Maybe B makes the most sense here since you can’t really disable the root user, but enabling MFA adds a strong layer of protection. Creating IAM users for daily tasks also limits root user exposure.
Maybe B because MFA on root is essential and disabling root isn’t actually possible.
Makes sense to avoid using the root user for daily stuff altogether. Option B stands out because it not only suggests creating IAM users for day-to-day tasks but also adds MFA on the root account, which is a key step since MFA isn’t enabled by default. A says to disable the root user, but I don’t think you can actually disable the root user in AWS. So B feels like the safest and most realistic approach here.
Not C, generating root keys is risky; better to enable MFA and use IAM users.
B tbh, enabling MFA on root and using IAM users for daily tasks is solid security practice.