Multiple Choice
A Security Administrator is restricting the capabilities of company root user accounts. The company uses AWS Organizations and has enabled it for all feature sets, including consolidated billing. The top-level account is used for billing and administrative purposes, not for operational AWS resource purposes. How can the Administrator restrict usage of member root user accounts across the organization?
A) Disable the use of the root user account at the organizational root. Enable multi-factor authentication of the root user account for each organizational member account.
B) Configure IAM user policies to restrict root account capabilities for each Organizations member account.
C) Create an organizational unit (OU) in Organizations with a service control policy that controls usage of the root user. Add all operational accounts to the new OU.
D) Configure AWS CloudTrail to integrate with Amazon CloudWatch Logs and then create a metric filter for RootAccountUsage . Configure AWS CloudTrail to integrate with Amazon CloudWatch Logs and then create a metric filter for RootAccountUsage .
Correct Answer:
Verified
Correct Answer:
Verified
Q62: A Security Engineer has been asked to
Q63: A company's on-premises networks are connected to
Q64: A company uses an Amazon S3 bucket
Q65: A company is using AWS Organizations to
Q66: An application is running on an Amazon
Q68: A security engineer received an Amazon GuardDuty
Q69: A company uses identity federation to authenticate
Q70: A Security Engineer manages AWS Organizations for
Q71: The Development team receives an error message
Q72: A company has a VPC with several