A company has mandated the use of multi-factor authentication (MFA) for all IAM users, and requires users to make all API-calls using the CLI. However, users are not prompted to enter MFA tokens, and are able to run CLI commands without MFA. In an attempt to enforce MFA, the company attached an IAM policy to all users that denies API calls that have not been authenticated with MFA. What additional step must be taken to ensure that API calls are authenticated using MFA?
A) Enable MFA on IAM roles, and require IAM users to use role credentials to sign API calls.
B) Ask the IAM users to log into the AWS Management Console with MFA before making API calls using the CLI.
C) Restrict the IAM users to use of the console, as MFA is not supported for CLI use.
D) Require users to use temporary credentials from the get-session token command to sign API calls.
Correct Answer:
Verified
Q324: A company's customers are reporting increased latency
Q325: A SysOps Administrator must take a team's
Q326: A web-commerce application stores its data in
Q327: Based on the AWS Shared Responsibility Model,
Q328: An organization is concerned that its Amazon
Q330: A company's static website hosted on Amazon
Q331: A SysOps Administrator is troubleshooting an AWS
Q332: A SysOps Administrator created an Amazon VPC
Q333: A Developer created an AWS Lambda function
Q334: During a security investigation, it is determined
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents