Section 19 - Advanced Identity Flashcards

1
Q

AWS STS. STS stands for

Special Token System
Social Tokening System
Security Token Service
Service Tokenining Security

A

Security Token Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

From an exam perspective, the main function of AWS STS (Security Token Service)

provide token to team of users
provide a security token
provide a token that’s secure
to provide short term credentials that allow temporary access to AWS resources

A

to provide short credentials that allow temporary access to AWS resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

With AWS STS (Security Token Service), what determines when the temporary credentials expire

they expire 1 day after creation
the user that created the credential sets the expiration
they expire after 1 hour
they expire after 3 days

A

the user that created the credential sets the expiration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Use cases for AWS STS (Security Token Service) - choose three

  • Access to RDS
  • IAM roles for cross/same account access
  • Identify federation - provide user identify in external systems with temporary access to AWS resources
  • Access to Fargate
  • IAM roles for EC2 - temp credentials for EC2 instances to access AWS resources
A
  • IAM roles for cross/same account access
  • Identify federation - provide user identify in external systems with temporary access to AWS resources
  • IAM roles for EC2 - temp credentials for EC2 instances to access AWS resources
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

This services lets you create user accounts for external users using your mobile and web applications

AWS ExternalAlias
AWS Cognito
AWS InCognito
AWS AliasCognito

A

AWS Cognito

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

When you log into an app or website using your FB, Google, or LinkedIn accounts, what AWS service that likely a result of?

AWS ExternalAlias
AWS Cognito
AWS InCognito
AWS AliasCognito

A

AWS Cognito

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Allows integration with Microsoft Active Directory

AWS ActiveDirectory
AWS ActiveDirectoryBridge
AWS Directory Services
AWS MicrosoftBridge

A

AWS Directory Services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Successor to AWS Single Sign-On

AWS IAM Center
AWS Single Sign On Duex
AWS Sign on
AWS Identity Center

A

AWS Identify Center

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Allows one sign in to the following
- AWS Accounts in AWS Organizations
- Business cloud applications (e.g. Salesforce, Box, Microsoft 365, etc)
- SAML2.0-enabled applications
- EC2 Windows instances

AWS IAM Center
AWS Single Sign On Duex
AWS Sign on
AWS Identity Center

A

AWS Identify Center

How well did you know this?
1
Not at all
2
3
4
5
Perfectly