A Security Administrator is restricting the capabilities of company root user accounts. The company uses AWS Organizations and has enabled it for all feature sets, including consolidated billing. The top-level account is used for billing and administrative purposes, not for operational AWS resource purposes. How can the Administrator restrict usage of member root user accounts across the organization?
A) Disable the use of the root user account at the organizational root. Enable multi-factor authentication of the root user account for each organizational member account.
B) Configure IAM user policies to restrict root account capabilities for each Organizations member account.
C) Create an organizational unit (OU) in Organizations with a service control policy that controls usage of the root user. Add all operational accounts to the new OU.
D) Configure AWS CloudTrail to integrate with Amazon CloudWatch Logs and then create a metric filter for RootAccountUsage . Configure AWS CloudTrail to integrate with Amazon CloudWatch Logs and then create a metric filter for RootAccountUsage .
Correct Answer:
Verified
Q83: A company is operating an open-source software
Q84: A company is migrating its legacy workloads
Q85: For compliance reasons, a Security Engineer must
Q86: A company has an encrypted Amazon S3
Q87: An Application team has requested a new
Q89: A company's Developers plan to migrate their
Q90: A Security Engineer manages AWS Organizations for
Q91: A company has decided to migrate sensitive
Q92: A Development team has built an experimental
Q93: A company became aware that one of
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents