Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Certified Cloud Practitioner (Udemy Stephane Maarek) > IAM - Identity and Access Management > Flashcards

IAM - Identity and Access Management Flashcards

1
Q

Mapped to a physical user, has a password for AWS Console

  • Groups
  • Policies
  • Users
  • AWS CLI
A

Users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Contains users only

  • Security
  • Groups
  • Access Keys
  • AWS SDK
A

Groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

JSON document that outlines permissions for users or groups

  • Security
  • Users
  • Groups
  • Policies
A

Policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

MFA + Password Policy

  • Audit
  • AWS CLI
  • Groups
  • Security
A

Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Manage your AWS services using the command-line

A

AWS CLI

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Manage your AWS services using a programming language

A

AWS SDK

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Access AWS services using a programming language

A

Access Keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

IAM Credential Reports & IAM Access Advisor

A

Audit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is a proper definition of IAM roles

  • An IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services
  • IAM Users in multiple Groups
  • A password policy
  • Permissions assigned to Users to perform actions
A

An IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following is an IAM Security Tool?

  • IAM Credentials Report
  • IAM Root Account Manager
  • IAM Services Report
  • IAM Security Advisor
A

IAM Credentials Report

Note: IAM Credentials report lists all your account’s users and the status of their various credentials. The other IAM Security Tool is IAM Access Advisor. It shows the service permissions granted to a user and when those services were last accessed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which answer is INCORRECT regarding IAM Users?

  • IAM Users can belong to multiple groups
  • IAM Users don’t have to belong to a group
  • IAM Users can have policies assigned to them
  • IAM Users access AWS with the root account credentials
A

IAM Users access AWS with the root account credentials

NOTE: IAM Users access AWS using a username and password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following is an IAM best practice?

  • Don’t use the root user account
  • Create several users for a physical person
  • Share credentials so a colleague can perform a task for you
  • Do not enable MFA for easier access
A

Don’t use the root user account

NOTE: You only want to use the root account to create your first IAM user, and for a few account and service management tasks. For every day and administration tasks, use an IAM user with permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are IAM Policies?

  • AWS services performable actions
  • JSON documents to define Users, Groups or Roles’ permissions
  • Rules to set up a password for IAM Users
A

JSON documents to define Users, Groups or Roles’ permissions

NOTE: An IAM policy is an entity that, when attached to an identitiy or resource, defines their permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Under the shared responsibility model, what is the customer responsible for in IAM?

  • Infrastructure security
  • Compliance validation
  • Configuration and vulnerability analysis
  • Assigning users proper IAM Policies
A

Assigning users proper IAM Policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following statements is TRUE

  • The AWS CLI can interact with AWS using commands in your command-line shell, while the AWS SDK can interact with AWS programmatically
  • The AWS SDK can interact with AWS using commands in your command-line shell, while the AWS CLI can interact with AWS programmatically
A

The AWS CLI can interact with AWS using commands in your command-line shell, while the AWS SDK can interact with AWS programmatically

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which principle should you apply regarding IAM Permissions?

  • Grant most privilege
  • Grant least privilege
  • Grant permissions if your employee asks you too
  • Restrict root account permissions
A

Grant least privilege

17
Q

What should you do to increase your root account security?
- Enable Multi-Factor Authentication (MFA)
- Remove permissions from the root account
- Use AWS only through the Command Line Interface (CLI)

A

Enable Multi-Factor Authentication (MFA)

AWS Certified Cloud Practitioner (Udemy Stephane Maarek) (4 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions