A company is setting up AWS Identity and Access Management (IAM) on an AWS account. Which recommendation complies with IAM security best practices? A. Use the account root user access keys for administrative tasks. B. Grant broad permissions so that all company employees can access the resources they need. C. Turn on multi-factor authentication (MFA) for added security during the login process. D. Avoid rotating credentials to prevent issues in production applications.