nerdexam
ExamsCLF-C02Questions#645
AmazonAmazon

CLF-C02 · Question #645

CLF-C02 Question #645: Real Exam Question with Answer & Explanation

The correct answer is B: Use roles to delegate permissions.. Use roles to delegate permissions: Using IAM roles allows you to grant temporary permissions to resources without sharing long-term credentials. This is a secure practice for cross-account access or for AWS services needing permissions. Use groups to assign permissions to IAM use

Submitted by tyler.j· Mar 6, 2026Security and Compliance

Question

Which of the following are best practices in AWS Identity and Access Management (IAM)? (Choose two.)

Options

  • ACreate shared access keys.
  • BUse roles to delegate permissions.
  • CDisable multi-factor authentication (MFA).
  • DAvoid the use of policy conditions.
  • EUse groups to assign permissions to IAM users.

Explanation

Use roles to delegate permissions: Using IAM roles allows you to grant temporary permissions to resources without sharing long-term credentials. This is a secure practice for cross-account access or for AWS services needing permissions. Use groups to assign permissions to IAM users: By using groups, you can manage permissions for multiple users collectively, simplifying administration and ensuring consistency in access

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CLF-C02 PracticeBrowse All CLF-C02 Questions