Module 4 Flashcards
True or False?
AWS Organisations enables you to consolidate multiple AWS accounts so that you centrally manage them.
True
Which of the following are best practices to secure your account using AWS Identity and Access Management (IAM) ? (Choose two)
- Provide users with default administrative priviledges.
- Leave unused and unnecessary users and credentials in place.
- Manage access to AWS resources.
- Avoid using IAM groups to grant the same access permissions to multiple users.
- Define fine-grained access rights.
- Manage access to AWS resources.
- Define fine-grained access rights.
Which of the following should be done by the AWS account root user? (Select the best answer.)
- Secure access for applications
- Integrate with other AWS services
- Change granular permissions
- Change the AWS support plan.
- Change the AWS support plan.
After initial login, what does AWS recommend as the best practtice for the AWS account root user? (Select the best answer.)
- Delete the AWS account root user
- Revoke all permissions on the AWS account root user
- Restrict permission on the AWS account root user
- Delete the access keys of the AWS account root user
- Delete the access keys of the AWS account root user
How would a system adminstrator add an additional layer of login security to a user’s AWS Management Console? (Select the best answer.)
- Use Amazon Cloud Directory
- Audit AWS Identity and Access Management (IAM) roles
- Enable multi-factor authentication
- Enable AWS CloudTrail
- Enable multi-factor authentication
True or False?
AWS Key Management Servise (KMS) enables you to assess, audit, and evaluate the configurations of your AWS resources.
False
In the shared responsibility model, AWS is responsible for providing what ? (Select the best answer.)
- Security of the cloud
- Security to the cloud
- Security for the cloud
- Security in the cloud
- Security of the cloud
In the shared responsibility model, which of the following are examples of “security in the cloud” ? (Choose two)
- Compliance with compute security standards and regulations
- Physical security of the facilities in which the services operate
- Security group configurations
- Encryption of data at rest and data in transit
- Protecting the global infrastructure
- Security group configurations
- Encryption of data at rest and data in transit
Which of the the following is the responsibility of AWS under the AWS shared responsibility model? (Select the best answer.)
- Configuring third-party applications
- Maintaining physical hardware
- Secuirty application access and data
- Managing custom Amazon Maching Image (AMI)
- Maintaining physical hardware
When creating an AWS Identity and Access Management (IAM) policy, what are the two types of access that can be granted to a user? (Choose two)
- Institutional access
- Authorised access
- Programmatic access
- AWS Management Console access
- Administrative root access
- Programmatic access
- AWS Management Console access