What is the principle of least privilege in information security?

Giving IAM principals permissions to only the resources they need and no more

Giving IAM principals permissions to all resources

Assigning an MFA token to every user

Enforcing a password policy to all IAM users

By default, what permissions do IAM principals have when they are created?

Limited permissions based on common job roles

What does an IAM policy consist of at a minimum?

One or more permission statements

What is the effect of an IAM policy statement?

It allows or denies access to a resource

It specifies the AWS service to be used

It designates the principal that will receive the permissions

It lists the actions that can be performed on a resource

What can the 'Action/Operation' element of an IAM policy specify?

The set of actions or operations that can be performed on AWS resources

The user who performs the action

The resource that the action can be performed on

The conditions under which the policy is effective

What is a customer-managed policy in AWS IAM?

A standalone policy created and managed by the customer

A policy managed by AWS for common job roles

A policy that automatically applies to all AWS accounts

A policy that grants full access to AWS resources

What is an inline policy in the context of IAM?

A set of permissions embedded in an IAM principal or group

A policy that is attached to multiple IAM principals simultaneously

A managed policy that exists independently of any IAM principals

A document that outlines the structure of IAM within an organization

What is the purpose of permissions boundaries?

To limit the maximum permissions an IAM principal can be assigned

To define the structure of IAM roles and responsibilities

To grant all permissions available in AWS to a user

To attach a policy to the wrong principal

What happens if you attach the AdministratorAccess policy to a user with a permissions boundary that only allows actions in EC2?

The user will only be able to perform actions in EC2

The user will have full access to all AWS services

The user's permissions boundary will be overridden by the AdministratorAccess policy

The user will not be able to perform any actions in AWS

According to the text under "Roles," what is a role in IAM?

An IAM principal without a password or access key

A user with a password and access key

What does the AdministratorAccess permissions policy allow according to the exercise instructions?

Full access to all AWS services

Limited access to EC2 instances only

What does the permissions boundary policy override according to the exercise instructions?

It overrides the AdministratorAccess policy to limit actions to EC2 only.

It grants additional permissions beyond the AdministratorAccess policy.

It removes all access to AWS services.

It has no effect on the AdministratorAccess policy.

What does the "Effect": "Allow" in the permissions policy JSON indicate?

It allows access to the specified actions

It denies access to the specified actions

It is irrelevant to the access level

It encrypts the specified actions

What is the purpose of a trust policy in an IAM role?

To allow an AWS resource to assume the role

To define the actions a user can perform

When IAM automatically creates an instance profile with the same name as the role, what is the purpose of this instance profile?

To allow the EC2 instance to assume the role

To provide billing details for the EC2 instance

To restrict the EC2 instance from accessing other services

To log the activities performed by the EC2 instance

Which AWS CLI command is used to view the instance profile associated with a specific role?

aws iam list-instance-profiles-for-role --role-name MyAppRole

aws iam get-instance-profile --role-name MyAppRole

aws iam describe-instance-profiles --role MyAppRole

aws iam show-instance-profile --role MyAppRole

What does the "Action" field in the AssumeRolePolicyDocument specify in the provided JSON output?

The permission to assume the IAM role

The permission to launch an EC2 instance

The permission to delete the IAM role

The permission to modify the IAM role

Which AWS service places the temporary credentials in the instance metadata when an instance is associated with an instance profile?

AWS Security Token Service (STS)

AWS Identity and Access Management (IAM)

AWS Key Management Service (KMS)

What is the purpose of the credentials shown in the example?

To authenticate to the AWS API for performing operations

To increase the security of the AWS Management Console

What should be done to ensure the security of the access key ID, secret access key, and session token?

Be very careful to avoid exposing them

Which AWS CLI command correctly exports the ACCESS_KEY_ID from the given example?

export AWS_ACCESS_KEY_ID=ASIAT5J6QWJME3E2SJ56C

export AWS_ACCESS_KEY_ID=MyAppRole

export AWS_ACCESS_KEY_ID=Success

export AWS_ACCESS_KEY_ID=2018-10-14T20:47:19Z

What is the potential risk if a user may use the credentials to attempt to enumerate resources using the AWS CLI?

They can gain unauthorized access

They can perform operations with no limitations

They can delete the AWS account

What principle should be followed to avoid granting a role more permissions than it requires?

Principle of sufficient privilege

What can you do as an additional precaution to ensure IAM roles are not overly permissive?

Disable Security Token Service on a per-region basis

Increase the permissions of the IAM user

Grant all permissions to the IAM user

What is the first step to create and assume a role as an IAM user according to Exercise 12.2?

Click Roles on the menu on the left side of the IAM Dashboard screen and then click the Create Role button.

Select the AmazonEC2ReadOnlyAccess AWS managed policy.

According to the instructions in Exercise 12.2, how do you access the Switch Role feature in the AWS Management Console?

Click on the navigation bar at the top of the AWS Management Console and select your IAM account name.

Click on the Roles menu and select the newly created role.

Click on the Create Role button.

What will happen if you try to launch an EC2 instance with a role that doesn't have the RunInstances permission?

The instance will launch without any issues.

The instance will launch, but with limited functionality.

The instance will launch, but it will not be accessible.

Which AWS service offers optional bucket policies that control access to objects or entire buckets?

Simple Notification Service (SNS)

Which service uses resource-based SQS access policies to control who can send to and receive messages from a queue?

Simple Notification Service (SNS)

What is the purpose of detective controls in AWS?

To keep a record of the events that occur in your AWS environment and alert you to security incidents or potential threats

To modify the security settings of your AWS environment

To provide a backup service for your AWS data

To manage the computational resources of your AWS environment

Security Quiz Chapter 12

Professional Development

•

100 Qs

Similar activities

int345

Professional Development

•

105 Qs

Final

Professional Development

•

98 Qs

Final_quiz

Professional Development

•

97 Qs

Intro to CS By shady

Professional Development

•

100 Qs

QUIZZ AIJ XII - Latihan PTS Semester Ganjil 2020

KG - Professional Development

•

100 Qs

Olimpiade Jaringan Mikrotik (OJM)

Professional Development

•

100 Qs

computer basics 3

University - Professional Development

•

100 Qs

AWS SA Class 1. Cloud Computing and AWS Quiz

Professional Development

•

99 Qs

Security Quiz Chapter 12

Quiz

•

Computers

•

Professional Development

•

Practice Problem

•

Medium

William Rodriguez

Used 1+ times

FREE Resource

Using the root user for routine administrative tasks

Requiring an administrator to reset an expired password

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

100 questions

july2024

Quiz

•

Professional Development

105 questions

Google Professional Security Engineer

Quiz

•

Professional Development

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

20 questions

Black History Month Trivia Game #1

Quiz

•

Professional Development

100 questions

Screening Test Customer Service

Quiz

•

Professional Development

20 questions

90s Cartoons

Quiz

•

Professional Development

10 questions

Reading a ruler in Inches

Quiz

•

4th Grade - Professio...

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

12 questions

Valentines Day Trivia

Quiz

•

Professional Development

Security Quiz Chapter 12

100 questions

What are the three elements of data that need to be ensured for effective protection, collectively known as "CIA"?

Which two mechanisms are commonly used for enforcing data confidentiality?

What is the primary goal of cryptographic hashing and logging in terms of data security?

What is the first step in protecting your AWS credentials according to the text?

What is the second step to ensure when managing AWS credentials?

What is a principal in AWS IAM terminology?

Which of the following is recommended to secure the root user in AWS?

What is the minimum password length that you can set for IAM users in AWS?

What is the principle of least privilege in information security?

By default, what permissions do IAM principals have when they are created?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers