Devices in the cloud datacenter should be secure against attack. All the following are means of hardening devices, except:

Removing all admin accounts is not a valid means of hardening devices in a cloud datacenter. While it is essential to limit access to administrative functions to enhance security, completely eliminating all admin accounts would hinder effective management and maintenance of the systems. Admin accounts are necessary for performing critical tasks such as updates, configuration changes, and troubleshooting. Instead of removing all admin accounts, best practices involve implementing strict access controls, ensuring that only trusted personnel have admin privileges, and regularly auditing these accounts to detect any unauthorized access or misuse.

In contrast, employing a strong password policy helps protect against unauthorized access by requiring complex and unique passwords for accounts. Removing default passwords is crucial as many devices come with widely known default credentials, making them easy targets for attackers. Strictly limiting physical access to servers and networking equipment is a fundamental security measure to prevent unauthorized individuals from gaining physical control over sensitive systems, thus reducing the risk of tampering or data theft.