Quiz about Cloud QUIZ

Question 1

Least Privilege approach is to give users as many rights as possible and revoke back after.

Accepted Answer

false

Answer

true

Question 2

Which IAM Entity is ideal for AWS services that need to make calls to other AWS services on your behalf?

Accepted Answer

Role

Answer

User

Answer

Group

Question 3

What is required to make programmatic calls to AWS using AWS CLI, the AWS SDKs, or direct HTTPS calls using the APIs for individual services?

Accepted Answer

I am User access Key/ secret key

Answer

Admin User Priviledges

Answer

IAM Role

Answer

MFA Authentication

Question 4

Which type of identity-based policy provides a more precise access control and can be attached to multiple entities?

Accepted Answer

Customer Managed

Answer

AWS Managed

Answer

Inline

Question 5

if policies that apply to a request include an Allow statement and a Deny Statement, the allow statement supercedes the Deny Statement

Accepted Answer

False

Answer

True

Question 6

An implicit denial occurs when there is no applicable Deny statement but also no applicable Allow statement.

Accepted Answer

True

Answer

False

Question 7

Which type of identity-based policy maintains a strict one-to-one relationship between the policy and the principal entity that it's applied to?

Accepted Answer

Inline

Answer

AWS Managed

Answer

Customer Managed

Question 8

A solutions architect is deploying an application on Amazon EC2, which must call AWS APIs. What method should they use to securely pass credentials to the application?

Accepted Answer

Assign an IAM role to the EC2 instance.

Answer

Pass API credentials to the instance using instance user data.

Answer

Store API credentials as an object in an Amazon S3 bucket.

Answer

Embed the API credentials into the application.

Question 9

Which of the following is NOT a feature of AWS Security Token Service?

Accepted Answer

AWS STS enables users to request Git credentials.

Answer

AWS STS enables users to request temporary limited-privilege credentials.

Answer

AWS STS enables users to assume a role.

Answer

AWS STS generates federated credentials for IAM users.

Question 10

A solutions architect has written an AWS Lambda function that writes customer data to an Amazon DynamoDB table. Which of the following must be in place to ensure that the Lambda function can interact with the DynamoDB table?

Accepted Answer

An IAM role is attached to the Lambda function with the required DynamoDB privileges.

Answer

An IAM user is attached to the Lambda function that has the required DynamoDB privileges.

Answer

Access keys are embedded in the AWS Lambda function.

Answer

The IAM user password is embedded in the AWS Lambda function.

Question 11

An architect is developing a mobile application and wants to issue temporary security credentials to users of the application. Which is the best service to achieve this?

Accepted Answer

AWS STS

Answer

Amazon Cognito

Answer

AWS SSO

Answer

AWS IAM

Question 12

A security engineer is approached by a solutions architect after an EC2 instance was shut down unexpectedly, compromising the workload. Which AWS service is used to investigate who shut down the workload?

Accepted Answer

AWS CloudTrail

Answer

Amazon CloudWatch

Answer

AWS Config

Answer

AWS Systems Manager

Cloud QUIZ

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Science