Identity and Access Management Flashcards
What is an IAM role?
Permissions granted to a trusted ENTITY over specified AWS resources. An IAM role is meant to be assigned to a trusted ENTITY (like another AWS service or a federated identity).
What are valid third-party federated identity standards?
SAML 2.0
Active Directory
What information does the IAM credential report provide?
The current state of security of your IAM users’ access credentials
What will you need to provide for a new IAM user you’re creating who will use “programmatic access” to AWS resources?
An access key ID + secret access key
What type of key will encrypt your data while in transit between your office and Amazon S3?
A client-side master key (in-transit encryption requires that the data be encrypted on the remote client before uploading)
What does KMS use to encrypt objects stored on your AWS account?
Customer master key
What is the purpose of the Service Organization Controls (SOC) reports found on AWS Artifact?
They attest to AWS infrastructure compliance with data accountability standards like Sarbanes-Oxley. SOC reports are reports on audits of AWS infrastructure that you can use as part of your own reporting requirements.
What role can the documents provided by AWS Artifact play in your application planning?
They can help you confirm that your deployment infrastructure is compliant with regulatory standards.
They can provide insight into various regulatory and industry standards that represent best practices.