Chapter 3 – Managing AWS Security with Identity and Access Management 

  1. None. It isn't recommended to keep using the root account for any other case than emergency access to the account.
  2. MFA is the procedure of entering multiple authentication factors when logging in; for example, a username will require the user's password and a Time-based One-time Password (TOTP) or certificate to authenticate.
  1. Set the minimum password length; require at least one uppercase or lowercase character; number or special character; allow users to change their own passwords; enable password expiration after a number of days; prevent the reuse of passwords; enable administrative reset on expired passwords.
  2. Users, Groups, Roles, and Policies.
  3. Yes.
  4. You can't retrieve an existing secret access key. A new key needs to be created.
  5. Create a role with the appropriate S3 access and assign the role to the EC2 instance.
  6. Use corporate directory federation, STS, and roles to authenticate users within your existing directory and grant them access to AWS resources.
  7. False: CloudTrail is now enabled on all accounts by default and provides seven days of data so we can identify the user that deleted the EC2 instance.