An organization has enabled a strict password policy for its IAM users. The organization is taking help from the IAM
console to set the password policy. Which of the below mentioned rules cannot be specified by the user as a part of the
policy?
A.
Allow at least one lower case letter
B.
Allow at least one number
C.
Allow at least one non-alphanumeric character
D.
Do not allow the user to use the password from the last three passwords
Explanation:
AWS IAM allows an organization to create multiple users and provide them access to various AWS services. By default
when the user is created, he does not have password enabled and can not login to AWS console. If the organization
wants to allow the users to login to AWS console, they can enable password for each user. It is required that IAM users
follow certain guidelines to set their IAM login password. For this IAM provides root account owner to setup passwrod
policy. The password policy also lets the specify whether all IAM users can change their own passwords. As part of policy,
organization can specify that passwords for IAM users must be of a certain minimum length, must include certain
characters, and a few more criteria such as below:
One upper / lower or both letters
One alpha numeric
One number
http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html
There seems to be no correct answer to this (possibly outdated) question since option D can also be specifed. See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html#IAMPasswordPolicy
12
1
D
0
1
D
0
1