IAM

Question 1

What’s the most important thing you can do to secure the root account?

Answer 1

Enable MFA

Question 2

TRUE or FALSE?
Users, groups, and policies are global.

Answer 2

TRUE

Question 3

[for IAM] users should be grouped into groups based on ___ _______.

Answer 3

job function (i.e. whatever job functions you have within the organisation you should create a group for it.)

Question 4

It’s best practice for users to:
a) be assigned permissions directly
b) to inherit permissions from groups

Answer 4

b) to inherit permissions from groups

Question 5

Why is it best practice for users to inherit permissions from groups?

Answer 5

It’s easier to manage.

Question 6

When is the root account created?

Answer 6

When you first set up your AWS account

Question 7

Which permissions do users have by default when they are first created?

Answer 7

None

Question 8

What are Access Key IDs and Secret Access Keys used for?

Answer 8

for programmatic access to the AWS console

Question 9

TRUE or FALSE?
You can view the Access Key ID and Secret Access Keys at any time via the console.

Answer 9

FALSE: You only get to view them once. If you lose them you need to regenerate them. Save them in a secure location.

Question 10

To give users in a group appropriate permissions, do you attach
a) a policy
b) a role
to the group?

Answer 10

a) a policy