Section 4a: IAM - Identity and Access Management Flashcards

Intro to IAM, policies, permissions, and MFA

1
Q

IAM is

A

Identity and Access Management

2
Q

A Root account is

A

An account created by default. It shouldn’t be used or shared.

3
Q

Users are

A

People within your org that can be added to groups.

4
Q

Groups are

A

Groupings of users. In AWS groups can ONLY contain users, not other groups.

5
Q

IAM permissions are defined in what format?

A

JSON

6
Q

What is the least privilege principle?

A

Not giving a user more permissions than they need

7
Q

Group policies get applied to

A

The whole group

8
Q

In-line policies get applied to

A

A specific user

9
Q

IAM (permissions) policy consists of

A
  1. Version
  2. ID (optional)
  3. Statement(s)
10
Q

Statements consist of

A
  • Sid (optional)
  • Effect
  • Principal
  • Action
  • Resource
  • Condition (optional)
11
Q

Sid is

A

an identifier for the statement (optional)

12
Q

Effect is

A

whether the statement allows or denies access
(Allow, Deny)

13
Q

Principal is

A

the account/user/role to which this policy applies

14
Q

Action is

A

a list of actions this policy allows or denies. They are also API calls a permission allows a user to do.

15
Q

Resource is

A

a list of resources to which the actions apply

16
Q

Condition is

A

conditions for when this policy is in effect

17
Q

What can you do with an IAM Password Policy?

A
  • Set a minimum password length
  • Require specific character types:
  • Allow all IAM users to change their own passwords
  • Require users to change their password after some time (password expiration)
  • Prevent password re-use
18
Q

MFA stands for

A

Multi-Factor Authentication

19
Q

MFA is

A

password you know + security device you own giving a secure login

20
Q

What is the main benefit of MFA?

A

if a password is stolen or hacked, the account is not compromised

21
Q

The 4 MFA device options in AWS

A
  1. Virtual MFA device
  2. Universal 2nd Factor (U2F) Security Key
  3. Hardware Key Fob MFA Device
  4. Hardware Key Fob MFA Device for AWS GovCloud (US)