IAM & Orgs Section Quiz

Question 1

Is there a limit to the number of IAM users in an AWS account?

Answer 1

5,000 per account

Question 2

Which of the following are features of IAM groups?

Answer 2

Admin groupings of IAM users

Can hold identity permissions

Question 3

Within AWS policies, what is always a priority?

Answer 3

Explicit deny

Question 4

What two policies are assigned to an IAM role?

Answer 4

Permissions policy

Trust policy

Question 5

Which of the following are true for IAM roles?

Answer 5

Roles can be assumed

When assumed - temporary credentials are generated

Question 6

What three features are provided by AWS orgs?

Answer 6

Consolidated billing

AWS account restrictions using SCP

Account organization via OU’s

Question 7

What functionality is provided by CloudTrail?

Answer 7

Account wide Auditing and API logging

Question 8

Is it possible to restrict what the account root user can do?

Answer 8

If AWS orgs are used … but not the management account

Question 9

What is role switching?

Answer 9

Assuming a role in another AWS account to access that account via the console UI

Question 10

What are valid IAM policy types?

Answer 10

AWS managed policy

Customer managed policy

Inline policies