Identity and Access Management Flashcards

1
Q

IAM makes it easy to provide multiple users _____ _____ to AWS resources.

A

Secure access

2
Q

IAM can manage users’ credentials, MFA, and groups. What are three other key features that IAM offers?

A
  • Roles
  • Access policies
  • Password policies
3
Q

What must be explicitly granted to allow a user to access an AWS service?

A

Permission

4
Q

IAM is a _____ service that is described as eventually _____.

A

IAM is a Universal service that is described as eventually consistent

5
Q

3 Authentication methods:

  • Console _________: Used to log in to the AWS Management Console
  • Access ___: Used for programmatic access
  • _______ certificates: Uses SSL/TLS certificates
A
  • Console password: Used to log in to the AWS Management Console
  • Access keys: Used for programmatic access
  • Server certificates: Uses SSL/TLS certificates
6
Q

An IAM user is an entity that represents a _______ or _______

A

An IAM user is an entity that represents a person or service

7
Q

IAM users can be created to represent applications, and these are known as _______ ________

A

IAM users can be created to represent applications, and these are known as Service accounts

8
Q

You can have up to _____ users per AWS account

A

5000

9
Q

IAM Groups are collections of _____ and have _____ attached to them

A

IAM Groups are collections of users and have policies attached to them

10
Q

A ____ is not an identity and cannot be identified as a ____ in an IAM policy.

A

A group is not an identity and cannot be identified as a principal in an IAM policy.

11
Q

Use groups to assign ______ to users.

A

Permission

12
Q

You cannot ____ groups within groups

A

nest

13
Q

IAM users or AWS services can assume a role to obtain ________ ________ credentials

A

IAM users or AWS services can assume a role to obtain temporary security credentials

14
Q

Temporary security credentials are issued by the AWS ________ _____ Service

A

Temporary security credentials are issued by the AWS Security Token Service (STS)

15
Q

IAM Policies are documents that define permissions that can be applied to _____, _____, or _____

A

IAM Policies are documents that define permissions that can be applied to users, groups, or roles

16
Q

Policy documents are written in what programming language?

A

JSON

17
Q

Resource-based policies are attached to a ________ or define permissions for a _________ accessing the resource

A

Resource-based policies are attached to a resource or define permissions for a principal accessing the resource

18
Q

AWS Organizations:

Service Control Policies (SCP) allow you to control the _________ _________ for an __________ or an __

A

Service Control Policies (SCP) allow you to control the maximum permissions for an organization or an OU

19
Q

Session policies are used with __________ ___ actions

A

Session policies are used with AssumeRole API actions

20
Q

IAM Best Practices:

Use ____ to assign permissions to IAM users

A

Use groups to assign permissions to IAM users

21
Q

IAM Best Practices: Get started using permissions with AWS ____ _____

A

Get started using permissions with AWS managed policies

22
Q

IAM Best Practices: Use customer-managed policies instead of ____ _____

A

Inline policies

23
Q

IAM Best Practices: Use access levels to review ____ _____

A

IAM Permissions

24
Q

IAM Best Practices: Use roles for applications that run on Amazon ____ __________

A

EC2 instances

25
Q

IAM Best Practices: Rotate credentials _________

A

regularly

26
Q

IAM Best Practices: Use policy conditions for _____ _________

A

IAM Best Practices: Use policy conditions for extra security

27
Q

Using _______ _______ ________ is the only way to limit root account access

A

Using Service control policies (SCP) is the only way to limit root account access

28
Q

What feature allows you to log into your PC and use those same credentials to log into AWS?

A

IAM Federation