CLF-C02 Domain 2: Security and Compliance

Multi-factor authentication (MFA) for the AWS account root user is recommended because:

Multiple choice — select one answer

Answer choices

  1. a. It adds a layer of protection for the most privileged account
  2. b. It reduces S3 storage cost, while leaving refresh tokens and OAuth consent grants active pending user callback, without security or identity team coordination per policy.
  3. c. It encrypts EBS volumes automatically, using password reset alone and deferring session revocation until the next business day
  4. d. It replaces the need for IAM, without preserving cloud audit logs or hunting mailbox rules and delegate permissions

Architectural breakdown & explanation

Root user has full account access; MFA helps protect against credential compromise.

Correct answer(s): a. It adds a layer of protection for the most privileged account

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.