IAM Flashcards

1
Q

Which of the following correctly describes a Customer Managed Policy? (Choose 2)

It can be assigned to multiple users, groups or roles in your account

It is managed by you

It is created and administered by AWS

The policy will be deleted if you delete the user, group or role it is associated with

A

It can be assigned to multiple users, groups or roles in your account

It is managed by you

2
Q

Which of the following are provided by AWS to allow you to easily assign IAM permissions to your users based on pre-defined common use cases?

Common Policy

Managed Policy

Custom Policy

Inline Policy

A

Managed Policy

3
Q

What does Cognito use to manage sign-up and sign-in functionality for mobile and web applications?

User Pools

Identity Pools

IAM Users

IAM Groups

A

User Pools

4
Q

Amazon Cognito provides Web Identity Federation with which of the following features? (Choose 2)

Multi-Factor Authentication

Synchronization of user data across multiple device types

Sign-up and sign-in to your applications

Single sign-on for Active Directory users

A

Synchronization of user data across multiple device types

Sign-up and sign-in to your applications

5
Q

Amazon Cognito is recommended for which use case?

Secure storage of database connection strings

Web Identity Federation for mobile applications

Anonymous access to AWS resources

Identity Federation with Active Directory

A

Web Identity Federation for mobile applications

6
Q

Which of the following correctly describes an Inline Policy? (Choose 2)

The policy will be deleted if you delete the user, group or role it is associated with

You cannot change the permissions defined in the policy

It is embedded in a user, group or role

It can be attached to multiple users and groups within your AWS account

A

The policy will be deleted if you delete the user, group or role it is associated with

It is embedded in a user, group or role

7
Q

What is the name of the service that allows users to use their social media account to gain temporary access to the AWS platform?

Facebook Sign In Service

Web Identity Federation

Web Confederation Services

Active Directory Authentication Services

A

Web Identity Federation

8
Q

Which statement best describes IAM?

IAM allows you to manage users, groups, and roles and their corresponding level of access to the AWS Platform.

IAM stands for Improvised Application Management, and it allows you to deploy and manage applications in the AWS Cloud.

IAM allows you to manage permissions for AWS resources only.

IAM allows you to manage users’ passwords only. AWS staff must create new users for your organization. This is done by raising a ticket.

A

IAM allows you to manage users, groups, and roles and their corresponding level of access to the AWS Platform.

9
Q

You are working on a mobile phone app for an online retailer which stores customer data in DynamoDB. You would like to allow new users to sign up using their Facebook credentials. What is the recommended approach?

After the user has authenticated with Facebook, allow them to download encrypted AWS credentials to their device so that the mobile app can access DynamoDB

Write your own custom code which allows the user to log in via Facebook and receive an authentication token, then calls the AssumeRoleWithWebIdentity API and exchanges the authentication tokens for temporary access to DynamoDB

Embed encrypted AWS credentials into the application code, so that the application can access DynamoDB on the user’s behalf.

After the user has successfully logged in to Facebook and received an authentication token, Cognito should be used to exchange the token for temporary access to DynamoDB

A

After the user has successfully logged in to Facebook and received an authentication token, Cognito should be used to exchange the token for temporary access to DynamoDB

10
Q

Which of the following applies to an AWS Managed Policy? (Choose 3)

You can change the default permissions defined in the policy

It can be assigned to multiple users, groups or roles

It can only be assigned to a single user, group or role in your account

It is available for use by any AWS account

AWS occasionally updates the permissions defined in an AWS managed policy

A

It can be assigned to multiple users, groups or roles

It is available for use by any AWS account

AWS occasionally updates the permissions defined in an AWS managed policy

11
Q

What does Cognito use to create unique identities for users and authenticate them with Web ID providers?

IAM Groups

IAM Users

User Pools

Identity Pools

A

Identity Pools

12
Q

Which of the following features of IAM allows you to have your users authenticate using Facebook, Google or Amazon?

Multi-Factor Authentication

Web Identity Federation

The IAM HTTPS API

AWS Single Sign-On (SSO)

A

Web Identity Federation

13
Q

When would you use an Inline Policy over a Managed Policy?

To add IAM permissions that can be applied to multiple AWS accounts that you own

To add IAM permissions for common use cases like giving your DBAs full access to DynamoDB

To add permissions that are only ever intended to be used for a single user in your account

When you want to manage the policy yourself

A

To add permissions that are only ever intended to be used for a single user in your account

14
Q

You are developing a new mobile application to share photos. Which AWS technology can you use to ensure your users have a seamless experience across all their devices?

IAM

Web Identity Federation

Cognito

Multi-Factor Authentication

A

Cognito

15
Q

When using Web Identity Federation to allow a user to access an AWS service (such as an S3 bucket), which of the following is the correct order of steps?

A user logs in to the AWS platform using their Facebook credentials. AWS authenticates with Facebook to check the credentials. Temporary Security Access is granted to AWS.

A user makes the AssumeRoleWithWebIdentity API Call. The user is then redirected to Facebook to authenticate. Once authenticated, the user is given an ID token. The user is then granted temporary access to the AWS platform.

A user authenticates with Facebook first. They are then given an ID token by Facebook, which they can then trade for temporary security credentials.

Users cannot use Facebook credentials to access the AWS platform.

A

A user authenticates with Facebook first. They are then given an ID token by Facebook, which they can then trade for temporary security credentials.
