AWS Certified SysOps Administrator SOA-C01 – Question625

A SysOps Administrator needs to confirm that security best practices are being followed with the AWS account root user.
How should the Administrator ensure that this is done?

A.
Change the root user password by using the AWS CLI routinely.
B. Periodically use the AWS CLI to rotate access keys and secret keys for the root user.
C. Use AWS Trusted Advisor security checks to review the configuration of the root user.
D. Periodically distribute the AWS compliance document from AWS Artifact that governs the root user configuration.

Correct Answer: B

Explanation: