Section 4b: IAM - Identity Access Management Flashcards

IAM continuation, CLI, SDK, roles, security tools, best practices, and user responsibilities.

1
Q

What are the 3 ways to access AWS?

A
  1. AWS Management Console (protected by password + MFA)
  2. AWS Command Line Interface (CLI): protected by access keys
  3. AWS Software Development Kit (SDK) - for code: protected by access keys
2
Q

What’s the AWS CLI?

A

A tool that enables you to interact with AWS services using commands in your command-line shell

3
Q

What’s the AWS SDK?

A

AWS Software Development Kit (AWS SDK)

4
Q

What is AWS CloudShell?

A

A CLI within the cloud of AWS that gives the user access to a full repository.

5
Q

What is an IAM Role?

A

A role that allows AWS entities to perform actions on behalf of the user.

6
Q

What are the 2 IAM Security Tools?

A
  1. IAM Credentials Report (account-level)
  2. IAM Access Advisor (user-level)
7
Q

IAM Credentials Report is

A

A report that lists all your account’s users and the status of their various credentials

8
Q

IAM Access Advisor is

A

A feature that shows the service permissions granted to a user and when those services were last accessed.

9
Q

IAM best practices

A
  • Don’t use the root account except for AWS account setup
  • One physical user = One AWS user
  • Assign users to groups and assign permissions to groups
  • Create a strong password policy
  • Use and enforce the use of Multi Factor Authentication (MFA)
  • Create and use Roles for giving permissions to AWS services
  • Use Access Keys for Programmatic Access (CLI / SDK)
  • Audit permissions of your account using IAM Credentials Report & IAM Access Advisor
  • Never share IAM users & Access Keys
10
Q

What is AWS responsible for according to the Shared Responsibility Model for IAM?

A
  • Infrastructure (global network security)
  • Configuration and vulnerability analysis
  • Compliance validation
11
Q

What is the user responsible for according to the Shared Responsibility Model for IAM?

A
  • Users, Groups, Roles, Policies management and monitoring
  • Enable MFA on all accounts
  • Rotate all your keys often
  • Use IAM tools to apply appropriate permissions
  • Analyze access patterns & review permissions