One of the AWS account owners faced a major challenge in June as his account was hacked and
the hacker deleted all the data from his AWS account. This resulted in a major blow to the
business. Which of the below mentioned steps would not have helped in preventing this action?

A.
Setup an MFA for each user as well as for the root account user.

B.
Take a backup of the critical data to offsite / on premise.

C.
Create an AMI and a snapshot of the data at regular intervals as well as keep a copy to separate
regions.

D.
Do not share the AWS access and secret access keys with others as well do not store it inside
programs, instead use IAM roles.

Explanation:
AWS security follows the shared security model where the user is as much responsible as
Amazon. If the user wants to have secure access to AWS while hosting applications on EC2, the
first security rule to follow is to enable MFA for all users. This will add an added security layer. In
the second step, the user should never give his access or secret access keys to anyone as well
as store inside programs. The better solution is to use IAM roles. For critical data of the
organization, the user should keep an offsite/ in premise backup which will help to recover critical
data in case of security breach. It is recommended to have AWS AMIs and snapshots as well as
keep them at other regions so that they will help in the DR scenario. However, in case of a data
security breach of the account they may not be very helpful as hacker can delete that.
Therefore ,creating an AMI and a snapshot of the data at regular intervals as well as keep a copy
to separate regions, would not have helped in preventing this action.
http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf