Bird
0
0

How can you enforce multi-factor authentication (MFA) for IAM users to increase security?

hard📝 Application Q9 of 15
AWS - Identity and Access Management
How can you enforce multi-factor authentication (MFA) for IAM users to increase security?
AEnable MFA on the AWS account root user only
BCreate an IAM policy that denies all actions unless MFA is used
CUse AWS Config to monitor MFA usage
DAttach a role with MFA permissions to users
Step-by-Step Solution
Solution:

  1. Step 1: Understand how to enforce MFA in IAM

    You can write IAM policies that require MFA authentication for sensitive actions.

  2. Step 2: Evaluate other options

    Enabling MFA only on root user is insufficient; AWS Config monitors but does not enforce; roles do not grant MFA.

  3. Final Answer:

    Create IAM policy denying actions without MFA -> Option B

  4. Quick Check:

    MFA enforcement via IAM policy [OK]
Quick Trick: Use IAM policies to require MFA for actions [OK]
Common Mistakes:
MISTAKES
  • Thinking enabling MFA on root user covers all users
  • Confusing monitoring with enforcement
  • Assuming roles grant MFA automatically

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS Account and Billing - AWS Cost Explorer basics - Quiz 8hard AWS Account and Billing - Billing dashboard overview - Quiz 10medium AWS CLI - CLI output formats (json, table, text) - Quiz 1easy Cloud Computing Fundamentals - AWS global infrastructure (regions, AZs) - Quiz 2easy Cloud Computing Fundamentals - What is cloud computing - Quiz 6medium Cloud Computing Fundamentals - Edge locations and CloudFront overview - Quiz 1easy Identity and Access Management - Multi-factor authentication setup - Quiz 6medium S3 Fundamentals - Creating S3 buckets - Quiz 9hard Security Groups and Network ACLs - Why security groups matter - Quiz 13medium Security Groups and Network ACLs - Why security groups matter - Quiz 2easy