Question #825
A new employee joins a company and requires access to AWS services. Which security measures should be implemented? (Choose two.)
Assign permissions strictly necessary for the employee's role.
Provide the employee with the root user access keys.
Include the employee in the Administrators IAM group.
Set a password policy that disallows special characters.
Enforce a password policy with a minimum length of 14 characters.
Explanation
Answer A ensures adherence to the principle of least privilege, limiting access to only what the employee needs, reducing potential attack surfaces. Answer E strengthens security by requiring longer passwords, which are harder to compromise.
B is incorrect because root access keys grant unrestricted privileges, posing a severe security risk. C is risky unless the role explicitly requires admin access, which is uncommon for new employees. D weakens password security by disallowing special characters, contrary to best practices. Key AWS security measures include least privilege access and robust password policies with complexity requirements.
Answer
The correct answer is: AE