Attempt to remove administrator privileges from the root user is the action to avoid because the AWS account root user is created with full account privileges and those privileges cannot be reduced or removed.

The root user is the original identity that owns the account and it has unrestricted access to all resources and billing. AWS does not provide a way to revoke or downgrade the root user permissions, and attempting to do so is not a valid hardening step. Instead you should secure the root identity through other controls and use delegated IAM users and roles for everyday tasks.

Keep the root sign-in credentials private and never share them is not the action to avoid because keeping credentials secret follows least privilege and reduces exposure risk and it is a recommended practice.

Enable MFA for the root user is not the action to avoid because multifactor authentication adds a strong second factor and AWS explicitly recommends enabling MFA on the root account.

Lock away and avoid using the root user access keys is not the action to avoid because avoiding or deleting root access keys prevents broad, hard to control access and aligns with AWS guidance.

Full AWS Practitioner Certification Question